You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am experiencing a loop where the gerbil container restarts and fails to establish a WireGuard interface. While tcpdump confirms that UDP packets reach the host, no WireGuard handshake is ever established. This appears to be caused by an invalid IP/CIDR assignment from the Pangolin backend.
System Environment
Domain: https://pangolin.domain.de
Pangolin Version: ee-1.15.1
Gerbil Version: 1.3.0
Setup: Docker Compose behind Traefik
The Problem: Handshake Failure & Log Errors
Despite Port 51820/UDP being open on the firewall, the gerbil logs consistently show a fatal error during the interface setup.
Because the interface wg0 is never properly initialized, it cannot respond to handshake initiations.
Error Logs:
FATAL: Failed to assign IP address: failed to parse IP address: invalid CIDR address
Unauthorized connection attempt: invalid token
Current Diagnostic Status
Network Level: Verified with tcpdump -n -i any udp port 51820.
Incoming packets: Yes (Packets from client reach the container).
Outgoing handshake response: No (Silence from Gerbil).
Dashboard Configuration:
In Site Settings, entering a CIDR (e.g., 100.90.128.0/24) returns: "Invalid address format. Please provide a valid IP notation."
Only plain IPs (e.g., 100.90.128.0) are accepted.
This lack of CIDR notation in the UI seems to be the root cause of the invalid CIDR address error in the Gerbil agent.
Expected Behavior
Pangolin should allow/provide a valid CIDR range for the site. Gerbil should then use this to create the wg0 interface, enabling it to successfully respond to WireGuard handshakes on port
51820.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Pangolin
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
I am experiencing a loop where the gerbil container restarts and fails to establish a WireGuard interface. While tcpdump confirms that UDP packets reach the host, no WireGuard handshake is ever established. This appears to be caused by an invalid IP/CIDR assignment from the Pangolin backend.
System Environment
Domain: https://pangolin.domain.de
Pangolin Version: ee-1.15.1
Gerbil Version: 1.3.0
Setup: Docker Compose behind Traefik
The Problem: Handshake Failure & Log Errors
Despite Port 51820/UDP being open on the firewall, the gerbil logs consistently show a fatal error during the interface setup.
Because the interface wg0 is never properly initialized, it cannot respond to handshake initiations.
Error Logs:
Current Diagnostic Status
Network Level: Verified with tcpdump -n -i any udp port 51820.
Incoming packets: Yes (Packets from client reach the container).
Outgoing handshake response: No (Silence from Gerbil).
Dashboard Configuration:
In Site Settings, entering a CIDR (e.g., 100.90.128.0/24) returns: "Invalid address format. Please provide a valid IP notation."
Only plain IPs (e.g., 100.90.128.0) are accepted.
This lack of CIDR notation in the UI seems to be the root cause of the invalid CIDR address error in the Gerbil agent.
Configuration Files
docker-compose.yml
Expected Behavior
Pangolin should allow/provide a valid CIDR range for the site. Gerbil should then use this to create the wg0 interface, enabling it to successfully respond to WireGuard handshakes on port
51820.
Beta Was this translation helpful? Give feedback.
All reactions