Vadim Smirnov

Forum Replies Created

Viewing 15 posts - 16 through 30 (of 1,338 total)
  • Author
    Posts
  • in reply to: Wiresock без админских прав #13370
    Vadim Smirnov
    Keymaster

      Штатный клиент WireGuard требует повышения прав до Network Configuration Operators.

      Это объяснимо, нужно поднять сетевой интерфейс и задать ему конфигурацию.

      У WireSock есть два режима, с виртуальным адаптером и без. Во втором случае нового сетевого адаптера в систему не добавляется, его наличие эмулируется сетевым драйвером, который перехватывает пакеты, делает NAT и заворачивает в Wireguard туннель. Прав пользователя в этом случае вполне достаточно, я сейчас специально проверил с консольным клиентом.

      Единственный момент, который надо учитывать при создании конфигураций для таких клиентов, касается используемых IP протоколов. Если дефолтовый сетевой интерфейс у клиента уже имеет маршрутизируемые IPv4 и IPv6 адреса, то туннель будет работать и для IPv4 и для IPv6 (разумеется если оба заданы в конфигурации).  Если же какой-то из этих адресов отсутствует, то wiresock попытается добавить к дефолтовому интерфейсу адрес из Wireguard конфигурации, чтобы система начала маршрутизировать на него трафик. Без наличия соответствующих прав это не получится, клиент будет работать, но отсутствующий протокол работать не будет.

      in reply to: WireSock WinPE support #13368
      Vadim Smirnov
      Keymaster

        Over the past weekend, I conducted experiments with Windows PE and can corroborate your findings. It seems there might be a component essential for NDIS filter drivers that could be missing or not functioning as expected in Windows PE. Installing such a driver leads to a network shutdown. This is merely a hypothesis, and I’m uncertain about a solution, if one exists.

        in reply to: Wiresock без админских прав #13353
        Vadim Smirnov
        Keymaster

          Добрый день!

          Технически права Администратора нужны только в трех случаях:

          1. Для установки драйвера (и сервиса, если wiresock vpn client используется как сервис). Другими словами, без прав Администратора нельзя установить WireSock VPN Client.

          2. Для возможности видеть сетевые соединения приложений запущенных всеми пользователями, а не только текущим. Собственно это определяет требование WireSockUI прав Администратора, если контроль над приложениями всех пользователей не нужен, то технически его можно использовать и без админских прав в режиме NAT (см. следующий пункт).

          3. Для конфигурирования виртуального сетевого адаптера если используется соответствующий режим.

          То есть в целом все зависит от конкретного сценария использования.

          in reply to: cant install wiresock vpn client #13346
          Vadim Smirnov
          Keymaster

            One user was able to successfully install WireSock after uninstalling Kaspersky. Might you consider uninstalling Kaspersky, installing WireSock, and then reinstalling Kaspersky? On a personal note, I believe Windows Defender is a superior choice as it’s better integrated into the OS.

            in reply to: cant install wiresock vpn client #13343
            Vadim Smirnov
            Keymaster

              Hello,

              Something on your system is preventing the driver installation. Do you have any third-party antivirus software or security tools installed?

              in reply to: Receiving keepalive packet(repeat) #13337
              Vadim Smirnov
              Keymaster

                To switch from default PROXY mode to NAT mode. Start a command prompt as Administrator and run the following commands:

                wiresock-service uninstall
                wiresock-service install -start-type 2 -mode nat -interface wiresock -log-level none
                sc start wiresock-service
                in reply to: Receiving keepalive packet(repeat) #13336
                Vadim Smirnov
                Keymaster

                  The WireSock VPN Gateway is capable of functioning in two distinct modes: NAT and Proxy. It is imperative to understand that the PING command is operational exclusively in NAT mode, given that Proxy mode is restricted to supporting only the TCP and UDP protocols. Nonetheless, any protocols that are based on UDP and TCP are expected to perform seamlessly in either mode.

                  in reply to: VirtNet does not install on Windows 10 version 1809 x64 #13326
                  Vadim Smirnov
                  Keymaster

                    the driver is not intended for this platform

                    Is it possible that you attempted to install the x86 build of the driver on an x64 platform?

                    I haven’t touched this driver for four years, and it likely needs an update to function correctly with the latest versions of Windows. My schedule is quite packed, but I’ll make an effort to find some time to update it.

                    in reply to: Client connects with gateway but not working #13324
                    Vadim Smirnov
                    Keymaster

                      It appears you’re encountering a permission issue when trying to configure the Wireguard tunnel. To resolve this, you must run the command as an administrator.

                      in reply to: Getting this Error – Err: exit status 1 #13319
                      Vadim Smirnov
                      Keymaster

                        It seems there might be a misconfiguration. The newly added WireSock adapter shouldn’t act as the default gateway; it’s intended for incoming VPN connections. Could you please provide the output of ‘ipconfig /all’ with the WS adapter both enabled and disabled?

                        in reply to: Getting this Error – Err: exit status 1 #13316
                        Vadim Smirnov
                        Keymaster

                          The term ‘wireguard.exe’ is not recognized as the name of a cmdlet, function, script file, or operable program.

                          After installing Wireguard, it’s recommended to restart the console to reload environment variables. If it does not help, consider manually adding the Wireguard path to the PATH environment variable.

                          in reply to: Getting this Error – Err: exit status 1 #13314
                          Vadim Smirnov
                          Keymaster

                            Do you have WireGuard for Windows installed on your Windows computer?

                            in reply to: Two configs/tunnels at the same time? #13311
                            Vadim Smirnov
                            Keymaster

                              The current implementation of the WireSock VPN client supports only a single tunnel. While I do plan to add support for multiple tunnels in the future, I cannot provide a specific timeframe for this enhancement due to my limited availability.

                              in reply to: [TUN]: ip_interface_changed_callback #13308
                              Vadim Smirnov
                              Keymaster

                                I believe the issue isn’t associated with the virtual network interface. To verify this, try running the client in NAT mode, without using the virtual network adapter. Based on the logs, it seems you’re not receiving the handshake response from the WireGuard server. Ensure the server is active. If it is, WireGuard might be blocked. In such instances, consider routing the handshake through a SOCKS5 proxy; this often helps bypass such blockages.

                                in reply to: Can Share Vpn to Another Lan Device? #13306
                                Vadim Smirnov
                                Keymaster

                                  As previously noted, it is feasible but necessitates additional configuration steps.

                                Viewing 15 posts - 16 through 30 (of 1,338 total)