Pritunl WG auth issues

I have a server that won't auth via WG:

log output from the client:
2023-01-24 07:21:29 Closing TUN/TAP interface/n
2023-01-24 07:21:29 SIGTERM[hard,] received, process exiting/n

(I am trying to get logs from the router but it’s not as easy as it should be :roll_eyes:)

ports are forwarded (both ovpn and wg)…

It works as expected for ovpn.

The client is on windows, Pritunl Client v1.3.3373.6, WG is installed as well…

What am I missing?

Check all the logs from the drop down selection in the client log viewer.

[2023-1-24 7:21:32][ERROR] Request: JSON parse failed
SyntaxError: Unexpected token ‘<’, "
"… is not valid JSON
SyntaxError: Unexpected token ‘<’, "
"… is not valid JSON
at JSON.parse ()
at Response.json (webpack-internal:///./app/Request.js:45:25)
at eval (webpack-internal:///./app/types/ProfileTypes.js:619:37)
at process.processTicksAndRejections (node:internal/process/task_queues:96:5)
[2023-1-24 7:22:27][ERROR] Request: JSON parse failed
SyntaxError: Unexpected token ‘<’, "
"… is not valid JSON
SyntaxError: Unexpected token ‘<’, "
"… is not valid JSON
at JSON.parse ()
at Response.json (webpack-internal:///./app/Request.js:45:25)
at eval (webpack-internal:///./app/types/ProfileTypes.js:619:37)
at process.processTicksAndRejections (node:internal/process/task_queues:96:5)

This was in the Client logs a few seconds after that entry (that I shared in orig post) went into the server specific log…

the closest errors in the service logs were from about half an hr earlier when I was still playing with some ovpn stuff…

This appears to be an error requesting the profile logs from the background service. Try deleting all log files in the C:\Users\USERNAME\AppData\Roaming\pritunl and C:\ProgramData\Pritunl directories. Then restart the computer or the Pritunl service. If this doesn’t work delete both the directories and import the profiles again.

stopping pritunl helper service then deleting logs, starting helper service, then reimporting profile didn't work - same result.

During server creation I set ovpn port to 4242 and wg port to 4243, but only 4242 is in the ovpn file, is wg port communicated over ovpn port?

When you suggested “deleting both directories” do you mean all contents? Would this require new install of pritunl I'm guessing?

Thanks!

You can open the developer tools from the top right menu and check for other errors in the console. Is Pritunl server behind a load balancer?

Pritunl is not behind a load balancer, I have a port forwarded for both OVPN and WG…

I get “Failed to connect” immediately after typing in the OTP

service logs:

[2023-01-30 06:44:07][INFO] ▶ profile: Connecting ◆ disable_gateway=false ◆ dynamic_firewall=false ◆ mode="wg" ◆ profile_id="f68552090bb69428" ◆ reconnect=true ◆ sso_auth=false
[2023-01-30 06:44:07][ERRO] ▶ profile: Request wg connection failed
profile: Bad status 405 code from server
ORIGINAL STACK TRACE:
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).reqWg
	C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:2535 +0x663c94
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).startWg
	C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:3556 +0x668fa4
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).Start
	C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1229 +0x659ee7
github.com/pritunl/pritunl-client-electron/service/handlers.profilePost.func1
	C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/handlers/profile.go:99 +0x672029
runtime.goexit
	C:/Program Files/Go/src/runtime/asm_amd64.s:1594 +0x1871e0
[2023-01-30 06:44:08][INFO] ▶ profile: Disconnecting ◆ profile_id="f68552090bb69428"
[2023-01-30 06:44:09][INFO] ▶ profile: Disconnected ◆ profile_id="f68552090bb69428"

client logs:

[2023-1-30 6:43:59][ERROR] Request: JSON parse failed
SyntaxError: Unexpected token '<', "<html>
   "... is not valid JSON
SyntaxError: Unexpected token '<', "<html>
   "... is not valid JSON
    at JSON.parse (<anonymous>)
    at Response.json (webpack-internal:///./app/Request.js:45:25)
    at eval (webpack-internal:///./app/types/ProfileTypes.js:619:37)
    at process.processTicksAndRejections (node:internal/process/task_queues:96:5)
[2023-1-30 6:44:42][ERROR] Request: JSON parse failed
SyntaxError: Unexpected token '<', "<html>
   "... is not valid JSON
SyntaxError: Unexpected token '<', "<html>
   "... is not valid JSON
    at JSON.parse (<anonymous>)
    at Response.json (webpack-internal:///./app/Request.js:45:25)
    at eval (webpack-internal:///./app/types/ProfileTypes.js:619:37)
    at process.processTicksAndRejections (node:internal/process/task_queues:96:5)

thanks!

A 405 error is an invalid timestamp in the signature. Verify the client and server have the correct time.

I changed time zone on the server to make sure they match and same result… (how many seconds of error would trigger an issue?) I’m puzzled why ovpn works fine but wg gives me the “failed to connect right away”, there is no log output on the server side that I see either… thanks for your help though!

does wg have to be installed before pritunl on the server?

The timestamp window is 12 hours, it is not affected by timezones. WireGuard must be installed on both the client and server.

WG is running on both server and client, I tried making a new server without 2FA, same result- fails as soon as I click the WG button and the logs show the error 405.

firewall clientside was also disabled, time on both server/client matches, ovpn works fine, both ports open on gateway serverside, no sign of the client reaching the server (no info in logs).

Also I noticed that the port number of the WG server isn't in the ovpn file - is it exchanged over the ovpn port or is the port number for wg not plaintext?

any other ideas?

thanks!

The connection and authentication process is detailed in the WireGuard documentation. The Pritunl Client will use the remotes and sync addresses from the configuration to send an authentication request to the HTTPS port of the Pritunl web server. This will generate a temporary WireGuard key for the duration of the connection. The client will need access to the Pritunl web server port for this to function.

“The client will need access to the Pritunl web server port for this to function.”

ok I believe this is the problem then. I just need to figure out if this can be configured to be something other than 443 on the client side…

thanks

If I want to use a subdomain with rev proxy to point to the pritunl web server, how would I make the client aware of what subdomain/url to use? edit the sync_hosts entry in the ovpn file?

This can be done by setting the sync address in the host settings.
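
An added example (not part of the thread and not Pritunl's own code) of the check the last replies point to: list the HTTPS endpoints a profile gives the client for the WireGuard authentication request, and test from the client machine whether each one accepts a TCP connection. The `#`-prefixed JSON header layout, the sample hostnames and the 443 default are assumptions.

```python
import json
import socket
from urllib.parse import urlsplit

# Constructed sample profile; the "#"-prefixed JSON header layout is an assumption.
SAMPLE_PROFILE = """\
#{
#\t"sync_hosts": ["https://vpn.example.com", "https://vpn.example.com:8443"]
#}
client
remote vpn.example.com 4242 udp
"""

def profile_header(text):
    """Return the JSON object held in the leading '#' comment lines."""
    lines = []
    for line in text.splitlines():
        if not line.startswith("#"):
            break
        lines.append(line[1:])
    return json.loads("\n".join(lines)) if lines else {}

def remotes(text):
    """(host, port) pairs from the OpenVPN 'remote' directives."""
    fields = [line.split() for line in text.splitlines()]
    return [(f[1], int(f[2])) for f in fields if len(f) >= 3 and f[0] == "remote"]

def auth_endpoints(text, https_port=443):
    """HTTPS endpoints to test: sync hosts, plus remote hosts on the web port."""
    found = []
    for url in profile_header(text).get("sync_hosts", []):
        parts = urlsplit(url)
        found.append((parts.hostname, parts.port or https_port))
    for host, _ovpn_port in remotes(text):
        found.append((host, https_port))  # web port, not the OpenVPN port (4242)
    return list(dict.fromkeys(found))     # de-duplicate, keep order

def tcp_reachable(host, port, timeout=3.0):
    """True if a TCP connection to host:port succeeds within the timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

if __name__ == "__main__":
    for host, port in auth_endpoints(SAMPLE_PROFILE):
        print(host, port, "open" if tcp_reachable(host, port) else "unreachable")
```

An endpoint that shows as unreachable here, while the OpenVPN port in `remote` works, matches the situation in this thread: the VPN port is forwarded but the web server port is not.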