WireSock SOCKS5 Issues

Home Forums Discussions Support Portal WireSock SOCKS5 Issues

Tagged: 

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #12231
    WireNoob
    Participant

    Hi

    I can’t get WireSock to work with my SOCKS5 proxy.  The proxy itself is fine since I can use it for firefox without using a VPN. WireSock also works perfectly when removing the proxy setting in the config.

    [Interface]
    PrivateKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    Address = 192.168.1.3/24
    DNS = 1.1.1.1

    [Peer]
    PublicKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    AllowedIPs = 0.0.0.0/0, ::/0
    Endpoint = 94.xxxxxxxxxxxxxxxx:443
    Socks5Proxy = 127.0.0.1:7654
    DisallowedIPs = 192.168.11.111/24

    Terminal output: https://pastebin.com/iPJBJYLT

     

    Please let me know if you need more information.

     

     

    #12232
    WireNoob
    Participant

    I start the proxy with this command: ssh -D 127.0.0.1:7654 xxxx@94.xxxxxxxxx -p80

    #12233
    Vadim Smirnov
    Keymaster

    Unfortunately, the SOCKS5 proxy provided by the SSH client does not support UDP and you cannot use it to forward the handshake. You need to set up a SOCKS5 UDP-enabled proxy (Dante) on the remote machine to use this option.

    #12234
    WireNoob
    Participant

    I’ve never heard of a Dante proxy before. Maybe it’s obvious that WireGuard would need a UDP-enabled proxy, but for me this is all pretty new. I don’t think it is mentioned anywhere in the installation guide so I suggest adding the requirement to help noobs like me in the future.

    I’ll get starting on setting up Dante then.

    Thanks for the help!

    #12235
    WireNoob
    Participant

    I have now set up a Dante server. Sadly, my WireSock still doesn’t work.

    https://pastebin.com/3ZUAyT0P

    It seems like the dante server is working correctly since it says “authentication SUCCESS”, but I’m not sure how I can verify the correct installation on my windows client.

     

    #12236
    Vadim Smirnov
    Keymaster

    According to the wiresock log, the authentication and UDP ASSOCIATE commands succeeded, but the handshake packet did not reach its destination. Most likely, it was blocked by the firewall (iptables or VPS provider). Please check this post for configuration details. They are specific to the Oracle cloud, but should be close to any other VPS.

    #12237
    WireNoob
    Participant

    My Dante server is running at home. I doubt they will block that IP address and not one from Oracle. Also, I tested WireSock on my 4g hotspot, which hasn’t blocked anything up until now.

    #12238
    Vadim Smirnov
    Keymaster

    Check if you allowed configured UDP port range on Dante server machine, e.g. for 40000-45000 range it can be done by the command below:

    iptables -I INPUT -p udp --dport 40000:45000 -j ACCEPT

    #12239
    WireNoob
    Participant

    No, I did not know this was necessary. I used your command and restarted the server, but nothing changed sadly.

    #12240
    Vadim Smirnov
    Keymaster

    I’m afraid something is wrong with your Dante server configuration. Unfortunately, it is difficult to guess and advise.

    #12242
    WireNoob
    Participant

    I followed your guide to make a Dante server in Oracle Cloud. Good news! I managed to make WireSock work with the proxy. The bad news is that it only works on my 4G and not on the network on which I’m trying to get a VPN working. The output of my terminal stays similar to before on that network. I guess the firewall is too smart for this method to work.
    I think OpenVPN supports full packet encapsulation through a proxy so I might try that.

    Thanks for the help!

Viewing 11 posts - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.