Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wireguard conf is incorrect if Endpoint IP_subject_alt_name is an IPv6 Address #14750

Open
adfernandes opened this issue Nov 18, 2024 · 1 comment
Open

Wireguard conf is incorrect if Endpoint IP_subject_alt_name is an IPv6 Address #14750

adfernandes opened this issue Nov 18, 2024 · 1 comment

Comments

@adfernandes
Copy link

If an IPv6 address is used a wireguard endpoint IP_subject_alt_name address, the configuration template file will generate a bad conf file.

Specifically, the template will generate something like this:

...
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = 2600:3c01::f03c:91ff:fedf:3b2a:51820

To be correct, the IPv6 address needs square brackets around it, like this:

...
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = [2600:3c01::f03c:91ff:fedf:3b2a]:51820

So different templates are needed for IPv6 and IPv4/DNS-name endpoint addresses.

If someone can point out the right way to do that with ansible/jinja, I'd be happy to make and test a PR!
@jackivanov
Copy link
Collaborator

Using ipwrap should help

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@adfernandes @jackivanov