OK, so we’re one step further. Now we need to make the wireguard connection work.
Usually NS8 has wireguard IP 10.5.4.1 and the NS7 to migrate has 10.5.4.2.
I assume it’s not possible to ping 10.5.4.1 from NS7 or 10.5.4.2 from NS8.
I could reproduce the error, this time it was a missing DNS entry of the NS8.
Please check the config files of both sides.
Here’s my /etc/wireguard/ns8.conf on NS7:
[Interface]
Address = 10.5.4.2
PrivateKey = MASKED
[Peer]
PublicKey = MASKED
AllowedIPs = 10.5.4.0/24
Endpoint = ns8rockytest.ns8test.com:55820
Here the NS8 /etc/wireguard/wg0.conf:
[Interface]
Address = 10.5.4.1/32
ListenPort = 55820
PrivateKey = MASKED
[Peer]
PublicKey = MASKED
AllowedIPs = 10.5.4.2/32
PersistentKeepalive = 25
It’s also possible to check the connection on both sides using
wg
In my case the “Endpoint” on NS7 couldn’t be resolved by DNS. After adding a DNS entry and restarting wireguard using
systemctl restart wg-quick@ns8
the ping worked.
Please also check if the “AllowedIPs” are matching to the other sides IP.