-
Notifications
You must be signed in to change notification settings - Fork 705
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Internet access does not work (abuse prevention) #158
Comments
See #50. |
Thanks for the swift response. I checked there before posting this. I'm on windows. I don't think whatever I'm facing is related to that thread. It was working fine until an hour back and never had an issue since I started using this for about 2 months. |
My general response would be to test this on a fresh Ubuntu 21.10 installation and see if it works there. If not, it's definitely an issue with your Windows installation. Otherwise, could be a ton of different things that guessing would be impossible. FWIW, everything works fine here on macOS and Ubuntu. |
got ya. thanks. I'll check it out. But it is weird that it was working fine until an hour back. So I don't think it is a windows issue. |
I am facing the same issue here. It suddenly stopped working an hour or two ago. |
wgcf suddenly stopped working today all over, it's not windows fault, looks like cloudflare banned it |
@AdroitAdorKhan @Juancollado2003 are you guys on windows too? |
I can confirm the issue, just started happening to me on macOS too. Will try to investigate soon. |
Windows 10, Debian 11, Android 11 & RouterOS 7.x. Confirmed, not working anywhere since last 2 hours (maybe). |
Could be CF changed host address or port? |
I'm not sure if this is anyway related. Cloudwarp windows client works fine for me. So I tried capturing traffic using wireshark to see if there is any difference in packets. What caught my eye was, there is a field called wg.reserved which has value b91981 in all "wireguard protocol" traffic via warp client. For the traffic via wireguard client, this value is 000000 |
Port seems to be the same. Native warp client uses a different IP. I tried with that as well. But it didn't help |
Many people are having the same problem, I hope it gets resolved. |
I also encountered this problem, and I noticed that I could get a response from the end of the 6in4 tunnel, but warp showed that all the services that depended on it offline were down. I thought the 6in4 tunnel of HE was broken. I tried to dial again many times and checked the server status page of HE. I noticed that I could get from the opposite end of the 6in4 tunnel. Everything was fine when I only used 6in4. |
This is weird, I'm using WARP on a Mikrotik router, stopped working 3-4 hours ago. |
I have just received an unofficial response from Cloudflare. Indeed, unofficial clients like WireGuard are blocked server-side due to huge amount of abuse. Exactly what form of abuse I do not know. However, the block is expected to be lifted later today, and I am working with them on a long-term solution. For now though:
|
The block seems to have been lifted. It's working for me. |
I can confirm it works here too. Leaving this issue for visibility, though. |
prepare for the worst, use the warp-cli for linux or official clients for windows/macos. since the beginning cloudflare never supports unofficial clients or use own wg config for WARP, so don't cry if they block it again... |
First time trying out wgcf but I have no internet. No idea if it's my setup or it's being block again.
Using Fedora Silverblue with nmcli |
Mine on Windows doesn't work either. Perhaps the block was re-initiated. |
ipv6 endpoint seems be removed? |
I got the file, but the private key seems to be encrypted. Could you please tell me how to decrypt it? string name="warp_private_key">XXXXXXXXXXXXXXXXXXXXX ]+yGW5Y6BignXXR3uZDB2MaM/pzj0Y0YThYezBYqGY84CQC/TUKHJ4bXDF8m3wL4VkP6qkVG3W2b3 y/5n |
There is no way to decrypt private key unless using old android system version and specific device definition. That's the reason why I put the tutorial link |
Yes, I could get the decrypted value with the old android version. But I still cannot connect, it shows "Failed to send handshake initiation" (from Wireguard android). I used the below endpoint:
I can see the port there is :0 and the config file also has the below value:
So looks like it doesn't use the port 2408 directly but forward to the proxy 172.16.0.1:2480 |
So you are running this config file on Android?
I do not know exactly what to do and how to fix. As far as i conclude, your ISP may block UDP Protocol or connection redirects to re-routed server. This program has continued a period of time for me, i used to suffer the same issue when using ipv4 on pc and mobile phone. But when i intend to run ipv6 ,it works for me even cellular network in China where it widely known that censorship and firewall block My config 👇👇👇👇
|
Sorry, it still doesn't work for me. Anyway, thank you very much for your great help! |
Without changing any configuration, it just suddenly works. Warp connected me AMS colo instead of HKG. |
You didn’t?
|
Just to give some organization to all the "internet does not work" reports. There are two known cases when this may happen:
|
Update: There's a project that re-written the whole ptorocol in Go, but it's half-sourced (core part, most were open-sourced). Edit: This is also an unofficial client, use at your risk. |
Looks like the HKG server once again went dark. |
What’s the affected colocation, and how did they abuse it?
|
DFW reroute to LAX afaict, with absolutely insane ~2TB monthly usage mostly through legit video services. But he hasn't had to reconnect his tunnel yet and reports working service for now. |
I'm not using a HK server but I still have this issue |
endpoint 162.159.193.5:2408 repair my WG connection |
Very nice, works fine with Fedora 37. |
I got lucky with endpoint ❯ curl https://cloudflare.com/cdn-cgi/trace 00:01:05
fl=465f131
h=cloudflare.com
ip=2a09:bac5:21b1:123c::1d1:83
ts=1710604866.304
visit_scheme=https
uag=curl/8.6.0
colo=SJC
sliver=010-tier1
http=http/2
loc=CN
tls=TLSv1.3
sni=plaintext
warp=on
gateway=off
rbi=off
kex=X25519
... Also I tried ❯ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
❯ sudo wg
...
peer: bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=
endpoint: 162.159.193.5:2408
allowed ips: 0.0.0.0/0, ::/0
latest handshake: 1 second ago
transfer: 552 B received, 97.27 KiB sent |
For some reason, Cloudflare warp team has modified official wireguard protocol, which means you won't be able to connect wireguard to warp as usual. People found out a unique value unlike official wireguard protocol, you can see this link Xray-examples-reserved id By this time, I'd like to suggest you using Sing-box(a powerful tool) to make connection because of its better performance than official wireguard client |
0 B received. Handshake did not get completed.
I thought it could be account issue. Registered a new account from a VPN and tried connecting with the new config.
Still same.
Edit from maintainer:
Just to give some organization to all the "internet does not work" reports. There are two known cases when this may happen:
The text was updated successfully, but these errors were encountered: