# netmaker
c
As I have created an egress gateway and provided the range (10.60.224.0/32), now if I want to connect to or ping the nodes present in the network 10.60.224.0, will I be able to reach them, or do I need to add the server which is the egress gateway in the present network to the 10.60.224.0 network?
b
10.60.224.0/32 should be reachable from all other nodes in the network.
c
But it's not reachable, do I need to add any outbound port? The server which is an egress is an Azure VM
b
is the range reachable from the egress gateway itself?
10.60.224.0/32 is an invalid ipv4 cidr
it is a network address not a host address
c
Yeah my bad, after sharing the issue here I have updated it to 10.60.224.0/24
b
ok
c
New updated graph, and I am not able to connect to egress network from Netclient-AZ also
b
if the egress range is not reachable from the egress gateway how do you expect netmaker(wireguard) to solve this ?
you can only egress to a network that the egress gateway can already reach
c
If I am not wrong the configuration seems good ?
How to achieve this
b
what are the ip addresses of the egress gateway
c
10.174.71.1
b
don't need its public address just the private ones
what is output of
ip a
if that is the only ip address that it has; it cannot be used as an egress gateway
c
The same node should be present in the other network also, where I am pointing my egress?
according to this image what I understand is it should be mutual in both the network
b
yes, the egress gateway has to be in the network that you want to make it an egress gateway for
c
Cool, I tried that out also. Will try once again
b
it does not have a 10.60.224.X address
c
will it take some time to update the configuration?
Nope, I am adding it to the 10.60.224.0 network
[netclient] 2022-07-26 10:39:14 joining gateway-net at api.abhishekparihari.tech:443
[netclient] 2022-07-26 10:39:14 error installing: error creating node 401 Unauthorized {"Code":401,"Message":"You are unauthorized to access this endpoint."}
root@Netclient-AZ:~#
After giving the join command it's throwing an error
b
token valid? run out of uses?
c
Ok lemme create a new and use that
what does it mean, 3 Uses left or 3 are using ?
b
3 left
c
Now I have added the egress gateway to the network 10.60.224.0 and I am able to reach other nodes in this network
Now I should be able to reach from any node of the left network (10.174.71.0) [egress configured] to the left network [10.60.224.0]
root@HZ-Netclient:~# ping 10.60.224.1
PING 10.60.224.1 (10.60.224.1) 56(84) bytes of data.
^C
--- 10.60.224.1 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2025ms
root@HZ-Netclient:~#
-----------------------------------------------
root@Netclient-AZ:~# ping 10.60.224.1
PING 10.60.224.1 (10.60.224.1) 56(84) bytes of data.
64 bytes from 10.60.224.1: icmp_seq=1 ttl=64 time=3.24 ms
64 bytes from 10.60.224.1: icmp_seq=2 ttl=64 time=1.69 ms
64 bytes from 10.60.224.1: icmp_seq=3 ttl=64 time=3.44 ms
^C
--- 10.60.224.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 1.690/2.789/3.443/0.781 ms
root@Netclient-AZ:~#
b
Is port forwarding enabled on gateway
c
Which port do I need to add? WireGuard port for the network?
As I have opened the WireGuard ports only at the server side, I have not opened any other ports in the peers
b
It is not a port. Just google ip_forwarding to get details
c
Ok sure, I will do that
Ok, got it. Like for setting up WireGuard manually we have to make sure of IP forwarding, you mean the same, right?
b
Yes
c
in /etc/sysctl.conf file?
Thanks a lot I will do that and update
After that do I need to update anything else?
b
No
c
root@Netclient-AZ:~# sysctl -p
net.ipv4.ip_forward = 1
After enabling IP forwarding, still not able to reach
--------------------------
One more confusion
root@Netclient-AZ:~# netclient pull dev-net
[netclient] 2022-07-26 12:22:32 No network selected. Running Pull for all networks.
[netclient] 2022-07-26 12:22:32 UDP hole punching enabled for node Netclient-AZ
[netclient] 2022-07-26 12:22:35 UDP hole punching enabled for node Netclient-AZ
[netclient] 2022-07-26 12:22:37 certificates/key saved
[netclient] 2022-07-26 12:22:39 registration error Post "https://api.hetznerhcm.dima.kmd.dk:443/api/nodes/adm/ork-kmd/authenticate": dial tcp xxxx:443: connect: connection refused
2022/07/26 12:22:39 Post "https://api.hetznerhcm.dima.kmd.dk:443/api/nodes/adm/ork-kmd/authenticate": dial tcp xxxx:443: connect: connection refused
As I am running a pull for a particular network, how come it's showing the domains of the previously configured netmaker setup, which I have removed?
-----------
How to remove the network from peers? These networks are either removed or deleted, or the peer is removed from the network, but I can see those networks in the network list and also when checking the wg
Is there any process to untag those network names which are not in use?
b
netmaker leave -n
c
any further solution in this
b
probably a firewall setting somewhere .... did you recreate everything after enabling forwarding ... did you specify the correct interface adapter when creating the gateway?
c
thanks a lot for helping here
@bored-island-21407 appreciate it