Nutanix

How to check VPN link status on wireguard

October 1, 2020
Shares
How to setup WireGuard VPN on your Debian GNU/Linux server ...

Lately, I have been looking for easy to set up, low resource utilization VPN solution to connect my homelab with Amazon AWS VPC. I’ve been looking at OpenVPN and IPSec solutions, none of them were easy to set up (at least based on the number of pages in the documentation). A few months back I talked to one of my colleagues and he told me about wireguard. I decided to have a look and give a try. It took me a while to figure out how to route traffic from AWS VPC subnets to my on-prem but the installation and configuration of wireguard is very easy. Several commands and you have VPN server up and running (follow up post on how to install and configure Wireguard on Linux Ubuntu are ready to be published).

What is wireguard?

WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general-purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.

www.wireguard.com

How to check VPN status link on Wireguard?

How do you check the VPN status link on Wireguard servers or between server and client? One method is to do ping between VPN IP addresses or run command wg show from the server or from the client.
Below you can see wg show command output where VPN is not up.

root@artur-VirtualBox:/etc/wireguard# wg show
interface: wg0
  public key: qZ7+xNeXCjKdRNM33Diohj2Y/KSOXwvFfgTS1LRx+EE=
  private key: (hidden)
  listening port: 45703

peer: mhLzGkqD1JujPjEfZ6gkbusf3sfFzy+1KXBwVNBRBHs=
  endpoint: 3.133.147.235:51820
  allowed ips: 10.100.100.1/32
  transfer: 0 B received, 592 B sent
  persistent keepalive: every 21 seconds
root@artur-VirtualBox:/etc/wireguard#

The below output from the wg show command indicates the VPN link is up. See the line with last handshake time

root@artur-VirtualBox:/etc/wireguard# wg show
interface: wg0
  public key: qZ7+xNeXCjKdRNM33Diohj2Y/KSOXwvFfgTS1LRx+EE=
  private key: (hidden)
  listening port: 49785

peer: 6lf4SymMbY+WboI4jEsM+P9DhogzebSULrkFowDTt0M=
  endpoint: 3.133.147.235:51820
  allowed ips: 10.100.100.1/32
  latest handshake: 14 seconds ago
  transfer: 732 B received, 820 B sent
  persistent keepalive: every 21 seconds
root@artur-VirtualBox:/etc/wireguard#
2.4 9 votes
Article Rating

Related posts:

  1. Check port availability behind firewall from Linux
  2. Install and configure Pulse Secure on Ubuntu
  3. How to check host BIOS version on Nutanix cluster
  4. Change default KMS port on Nutanix

Tags:

Artur Krzywdzinski

Artur is Consulting Architect at Nutanix. He has been using, designing and deploying VMware based solutions since 2005 and Microsoft since 2012. He specialize in designing and implementing private and hybrid cloud solution based on VMware and Microsoft software stacks, datacenter migrations and transformation, disaster avoidance. Artur holds VMware Certified Design Expert certification (VCDX #077).

You may also like...

Subscribe
Notify of
guest
2 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Robert

Nice write up .. everything worked first time!

-1
Reply
View Replies (1)
wpdiscuz   wpDiscuz

Get diagrams for Free

2
0
Would love your thoughts, please comment.x
()
x

FOR FREE. Download Nutanix port diagrams

Join our mailing list to receive an email with instructions on how to download 19 port diagrams in MS Visio format.

NOTE: if you do not get an email within 1h, check your SPAM filters

You have Successfully Subscribed!

Pin It on Pinterest