![](https://seccdn.libravatar.org/avatar/9435667f7160374bc34a8600b686aecd.jpg?s=120&d=mm&r=g)
On Thu, Feb 22, 2024 at 2:03 PM Axel Braun <docb@opensuse.org> wrote:
Am Donnerstag, 22. Februar 2024, 10:29:24 CET schrieb Andrei Borzenkov:
So this indicates that we see a handshake (hoooorrrrraaaaayyyyyy!). In the Fritzox on the other side, my VPN host, it shows a successful connection. But https://whatismyipaddress.com/ still shows the same exit point as before.
I have no idea what "Fritzbox on the other side" is nor what is "exit point".
The FritzBox is a quite popular DSL/cable modem in Germany. I connect to this box ('the box on the other side') which is located in Germany (The exit point). Whole reason for this excercise is to avoid geoblocking from german media/news websites
You did not really explain what you expected or what should be the correct result. Nor do I know what this site does and how it determines your IP address (if that is what you mean). This site seems to load some scripts.
Try e.g. https://www.showmyip.com. AFAICT it returns the address you are connected from (it returns it even when I load this page with curl).
This is quite interesting, both detect the same (IPv4) address when connected to VPN, but showmyip gives different details, e.g. location in germany, which is the expected result. Whatismyipaddress shows a IPv6 address as well, showmyip not. (I'm currently on a connection with v4 and v6).
You seem to misunderstand. Your WireGuard configuration does not handle IPv6 at all so your IPv6 traffic will NOT be sent over WireGuard connection (which may be one of reasons why the site you mentioned shows the "incorrect" location). You need to assign an IPv6 address to the WireGuard interface and configure routing rules to send IPv6 traffic over it. This must be of course coordinated with your peer.
so with wg-quick I could establish a connection to the ipv6 box (on the other side), using the same .conf file as with NetworkManager, which did not work.
So far importing wg-quick configuration into NetworkManager always results in the identical setup (modulo /etc/resolv.conf handling). Arguably, I did not attempt to use multiple allowed IP ranges and only ever used WG interface as default catch-all.