WSL2 and WireGuard on Host
How networking on Windows will never be an honest friend of mine

I spend multiple hours fighting the bad fight.
The problem:
Since WSL2, the host network is no longer shared between the host and WSL; WSL now goes through a separate network adapter. Great for security and bad for funnelling your traffic through your host's VPN. And for this use case there is no straightforward way to go.
Like every good company, my current client keeps a WireGuard VPN to manage secure outside connections and secure the network for remote work.
As a web developer on Windows, I of course need WSL; it is just not sane to fight with PowerShell and the binary hell of Windows for all the different possible stacks.
My solution was:
Share the VPN Connection with WSL:
You have to change the network settings on your Windows machine to allow the WSL instance to share the VPN connection. Here's how you do it:
1. Open Control Panel -> Network and Internet -> Network and Sharing Center -> Change adapter settings.
2. Right-click on the WireGuard Tunnel adapter, and click on Properties.
3. Go to the Sharing tab and check the "Allow other network users to connect through this computer's Internet connection" box.
4. In the dropdown menu, select the adapter that corresponds to the WSL instance. It might be labelled as vEthernet (WSL) or vEthernet (Default Switch) or similar. Click OK.
Confirm Connectivity Inside WSL:
Open your WSL instance and check if you can connect through the VPN by running commands such as ping, curl, or wget to confirm you're connecting through the VPN.
This worked for ping, dig and co., but ssh and git were still not usable.
This Holly-Comment fixed at least the traffic flow fully with this command, run in PowerShell as Admin:
New-NetFirewallRule -DisplayName "WSL" -Direction Inbound -InterfaceAlias "vEthernet (WSL)" -Action Allow
Afterwards, I also increased the MTU (Maximum Transmission Unit) as recommended. Without this change, ssh and git were still hanging on execution.
sudo ifconfig eth0 mtu 1350
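To measure the MTU the tunnel actually supports instead of picking a value by hand, the script below binary-searches the largest packet that gets through with the don't-fragment bit set. It is an added example, not part of the original post; it assumes the Linux iputils `ping` inside WSL and a target behind the VPN that answers ICMP, and `probe` and `find_mtu` are names chosen here.

```shell
#!/usr/bin/env bash
# Added example: find the largest IPv4 MTU that passes unfragmented to a host.
# Usage inside WSL: ./mtu-probe.sh <host-behind-vpn>   (the host is your choice)

# probe SIZE HOST: succeed if one ICMP echo with SIZE payload bytes and the
# don't-fragment bit set (-M do) is answered within 2 seconds.
probe() {
    ping -c 1 -W 2 -M do -s "$1" "$2" >/dev/null 2>&1
}

# find_mtu HOST [LOW] [HIGH]: print the largest MTU in LOW..HIGH that works.
# Returns 1 if nothing gets through (host down, or ICMP filtered on the path).
find_mtu() {
    fm_host=$1
    fm_low=${2:-576}     # smallest size worth testing
    fm_high=${3:-1500}   # standard Ethernet MTU
    fm_best=0
    while [ "$fm_low" -le "$fm_high" ]; do
        fm_mid=$(( (fm_low + fm_high) / 2 ))
        # ICMP payload = MTU - 20 bytes IPv4 header - 8 bytes ICMP header
        if probe $(( fm_mid - 28 )) "$fm_host"; then
            fm_best=$fm_mid
            fm_low=$(( fm_mid + 1 ))
        else
            fm_high=$(( fm_mid - 1 ))
        fi
    done
    [ "$fm_best" -gt 0 ] || return 1
    echo "$fm_best"
}

# Only touch the network when a target host is passed on the command line.
if [ -n "${1:-}" ]; then
    if mtu=$(find_mtu "$1"); then
        echo "largest working MTU towards $1: $mtu"
        echo "apply with: sudo ip link set dev eth0 mtu $mtu"
    else
        echo "no reply from $1 at any size; is ICMP filtered?" >&2
        exit 1
    fi
fi
```

A result well below 1500 while ping and dig still work points to large packets being dropped on the path, which matches ssh and git hanging while small requests succeed.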
Other souls visiting this circle of Windows hell can try their hand at
https://github.com/sakai135/wsl-vpnkit
And for the masochist troubleshooting with Microsoft:
I like my daily dose of pain like any other developer but for today I did not have the nerve and endurance for it anymore.

