Hello, I have a problem regarding Tunnel-side IPv4 network to use.
I tried updating WIREGUARD_IPV4_NETWORK in my .env file to get more IPv4 pool and re-ran docker compose down and docker compose up -d to restart and reconfigure firezone services, but after that it seems like the VPN client is not connected to the server even though there are packets received in wireguard client log.
Hello @afif.fahreza
After you changed IPv4 Network, you have to regenerate a config file for the devices which are connected to the tunnel before with the old IPv4 Network spaces.
What’s the new network range? If IPv6 is enabled make sure to increase that range too. Make sure the WIREGUARD_ADDRESS variables are within the range.
I’d recommend going with CGNAT 100.64.0.0/10 for the range — this will be the default in new releases.
added the parameters and im immediately getting this error on a fresh installed firezone;
ipv6 address pool is exhausted. Increase network size or remove some devices.ipv4 address pool is exhausted. Increase network size or remove some devices.
it worked by disabling ipv6. However its getting this error “IPv6 address pool is exhausted. Increase network size or remove some devices”. this server has set to disable ipv6 and is using 100.xx.xx.xx/10 CGNAT. Any thoughts Jamil?
Unfortunately the client configs are static and have to be re-generated when network settings change. The only way to fix will it is with custom clients.
noticed that when ipv4 changed to WIREGUARD_IPV4_NETWORK=100.64.0.0/10
WIREGUARD_IPV4_ADDRESS=100.64.0.1 users experienced intermittent connection. regenerated configs to work but connection is not stable. most of the time they get no internet connection when connected to the server.