github-starred/pangolin
2
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-05-22 01:22:50 -05:00
Code Issues 959 Packages Projects Releases 74 Wiki Activity

Newt cant connect to server #452

New Issue
Closed
opened 2025-11-13 12:01:02 -06:00 by GiteaMirror · 3 comments
GiteaMirror commented 2025-11-13 12:01:02 -06:00
Owner
Copy Link

Originally created by @Joksa98 on GitHub (Jun 22, 2025).

Environment:

  • Pangolin Version: 1.5.1
  • Gerbil Version: 1.0.0
  • Newt Version: 1.2.1
  • Setup: Pangolin server running on a public VPS. Newt client running locally in a Docker stack.

Problem Description

I've setup pangolin using automatic installer on a VPS and it works, but when i add new site and try to run and connect newt it cant ping server 100.89.128.1

Newt Client Log:

newt  | INFO: 2025/06/22 13:18:55 Newt version 1.2.1
newt  | INFO: 2025/06/22 13:19:00 Sent registration message
newt  | INFO: 2025/06/22 13:19:00 Received registration message
newt  | INFO: 2025/06/22 13:19:00 Received: {Type:newt/wg/connect Data:map[endpoint:pangolin.example.com:51820 publicKey:*********** serverIP:100.89.128.1 targets:map[tcp:[] udp:[]] tunnelIP:100.89.128.4]}
newt  | INFO: 2025/06/22 13:19:01 WireGuard device created. Lets ping the server now...
newt  | INFO: 2025/06/22 13:19:01 Ping attempt 1
newt  | INFO: 2025/06/22 13:19:01 Pinging 100.89.128.1
newt  | WARN: 2025/06/22 13:19:11 Ping attempt 1 failed: failed to read ICMP packet: i/o timeout
newt  | INFO: 2025/06/22 13:19:11 Starting ping check
newt  | INFO: 2025/06/22 13:19:11 Ping attempt 2
newt  | INFO: 2025/06/22 13:19:11 Pinging 100.89.128.1
newt  | WARN: 2025/06/22 13:19:21 Ping attempt 2 failed: failed to read ICMP packet: i/o timeout
newt  | INFO: 2025/06/22 13:19:23 Ping attempt 3
newt  | INFO: 2025/06/22 13:19:23 Pinging 100.89.128.1
newt  | WARN: 2025/06/22 13:19:33 Ping attempt 3 failed: failed to read ICMP packet: i/o timeout
newt  | INFO: 2025/06/22 13:19:35 Ping attempt 4
newt  | INFO: 2025/06/22 13:19:35 Pinging 100.89.128.1
newt  | INFO: 2025/06/22 13:19:41 Pinging 100.89.128.1
newt  | WARN: 2025/06/22 13:19:45 Ping attempt 4 failed: failed to read ICMP packet: i/o timeout
newt  | INFO: 2025/06/22 13:19:47 Ping attempt 5
newt  | INFO: 2025/06/22 13:19:47 Pinging 100.89.128.1
newt  | WARN: 2025/06/22 13:19:51 Connection to server lost. Continuous reconnection attempts will be made.
newt  | WARN: 2025/06/22 13:19:51 Please check your internet connection and ensure the Pangolin server is online.
newt  | WARN: 2025/06/22 13:19:51 Newt will continue reconnection attempts automatically when connectivity is restored.
newt  | WARN: 2025/06/22 13:19:57 Ping attempt 5 failed: failed to read ICMP packet: i/o timeout
newt  | INFO: 2025/06/22 13:19:57 Increasing ping retry delay to 3s
newt  | INFO: 2025/06/22 13:20:00 Ping attempt 6
newt  | INFO: 2025/06/22 13:20:00 Pinging 100.89.128.1
newt  | WARN: 2025/06/22 13:20:10 Ping attempt 6 failed: failed to read ICMP packet: i/o timeout
newt  | INFO: 2025/06/22 13:20:11 Pinging 100.89.128.1
newt  | INFO: 2025/06/22 13:20:13 Ping attempt 7
newt  | INFO: 2025/06/22 13:20:13 Pinging 100.89.128.1
newt  | WARN: 2025/06/22 13:20:23 Ping attempt 7 failed: failed to read ICMP packet: i/o timeout

Configurations

I've replaces my domain with example.com but i use domain.duckdns.org.

1. Pangolin Server docker-compose.yml (on VPS)

name: pangolin
networks:
  default:
    driver: bridge
    name: pangolin
services:
  crowdsec:
    # ... crowdsec config ...
  gerbil:
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    command:
      - --generateAndSaveKeyTo=/var/config/key
      - --remoteConfig=http://pangolin:3001/api/v1/gerbil/get-config
      - --reportBandwidthTo=http://pangolin:3001/api/v1/gerbil/receive-bandwidth
    container_name: gerbil
    depends_on:
      pangolin:
        condition: service_healthy
    image: fosrl/gerbil:1.0.0
    ports:
      - 51820:51820/udp
      - 443:443
      - 80:80
    restart: unless-stopped
    volumes:
      - ./config/:/var/config
  pangolin:
    # ... pangolin config ...
  traefik:
    # ... traefik config ...

2. Pangolin Server config.yml (on VPS)

app:
   dashboard_url: "https://pangolin.example.com"
   log_level: "info"

domains:
   domain1:
       base_domain: "example.com"
       cert_resolver: "myresolver"

server:
   secret: "a_very_long_and_random_secret_key"
   # ... other server config ...

traefik:
   cert_resolver: "myresolver"
   http_entrypoint: "web"
   https_entrypoint: "websecure"

gerbil:
   start_port: 51820
   base_endpoint: "pangolin.example.com"
   use_subdomain: true
   block_size: 24
   site_block_size: 30
   subnet_group: 100.89.137.0/20

users:
   server_admin:
       email: "admin@example.com"
       password: "a-secure-password"

# ... other flags ...

3. Newt Client docker-compose.yml (Local Machine)

services:
  gluetun:
    # ... gluetun config ...

  newt:
    image: fosrl/newt
    container_name: newt
    restart: unless-stopped
    network_mode: "service:gluetun" # Routing through VPN
    depends_on:
      - gluetun
    environment:
      - PANGOLIN_ENDPOINT=https://pangolin.example.com
      - NEWT_ID=REDACTED
      - NEWT_SECRET=REDACTED

  # ... other local services ...
Originally created by @Joksa98 on GitHub (Jun 22, 2025). **Environment:** * **Pangolin Version:** 1.5.1 * **Gerbil Version:** 1.0.0 * **Newt Version:** 1.2.1 * **Setup:** Pangolin server running on a public VPS. Newt client running locally in a Docker stack. --- ### Problem Description I've setup pangolin using automatic installer on a VPS and it works, but when i add new site and try to run and connect newt it cant ping server 100.89.128.1 #### Newt Client Log: ```LOGS newt | INFO: 2025/06/22 13:18:55 Newt version 1.2.1 newt | INFO: 2025/06/22 13:19:00 Sent registration message newt | INFO: 2025/06/22 13:19:00 Received registration message newt | INFO: 2025/06/22 13:19:00 Received: {Type:newt/wg/connect Data:map[endpoint:pangolin.example.com:51820 publicKey:*********** serverIP:100.89.128.1 targets:map[tcp:[] udp:[]] tunnelIP:100.89.128.4]} newt | INFO: 2025/06/22 13:19:01 WireGuard device created. Lets ping the server now... newt | INFO: 2025/06/22 13:19:01 Ping attempt 1 newt | INFO: 2025/06/22 13:19:01 Pinging 100.89.128.1 newt | WARN: 2025/06/22 13:19:11 Ping attempt 1 failed: failed to read ICMP packet: i/o timeout newt | INFO: 2025/06/22 13:19:11 Starting ping check newt | INFO: 2025/06/22 13:19:11 Ping attempt 2 newt | INFO: 2025/06/22 13:19:11 Pinging 100.89.128.1 newt | WARN: 2025/06/22 13:19:21 Ping attempt 2 failed: failed to read ICMP packet: i/o timeout newt | INFO: 2025/06/22 13:19:23 Ping attempt 3 newt | INFO: 2025/06/22 13:19:23 Pinging 100.89.128.1 newt | WARN: 2025/06/22 13:19:33 Ping attempt 3 failed: failed to read ICMP packet: i/o timeout newt | INFO: 2025/06/22 13:19:35 Ping attempt 4 newt | INFO: 2025/06/22 13:19:35 Pinging 100.89.128.1 newt | INFO: 2025/06/22 13:19:41 Pinging 100.89.128.1 newt | WARN: 2025/06/22 13:19:45 Ping attempt 4 failed: failed to read ICMP packet: i/o timeout newt | INFO: 2025/06/22 13:19:47 Ping attempt 5 newt | INFO: 2025/06/22 13:19:47 Pinging 100.89.128.1 newt | WARN: 2025/06/22 13:19:51 Connection to server lost. Continuous reconnection attempts will be made. newt | WARN: 2025/06/22 13:19:51 Please check your internet connection and ensure the Pangolin server is online. newt | WARN: 2025/06/22 13:19:51 Newt will continue reconnection attempts automatically when connectivity is restored. newt | WARN: 2025/06/22 13:19:57 Ping attempt 5 failed: failed to read ICMP packet: i/o timeout newt | INFO: 2025/06/22 13:19:57 Increasing ping retry delay to 3s newt | INFO: 2025/06/22 13:20:00 Ping attempt 6 newt | INFO: 2025/06/22 13:20:00 Pinging 100.89.128.1 newt | WARN: 2025/06/22 13:20:10 Ping attempt 6 failed: failed to read ICMP packet: i/o timeout newt | INFO: 2025/06/22 13:20:11 Pinging 100.89.128.1 newt | INFO: 2025/06/22 13:20:13 Ping attempt 7 newt | INFO: 2025/06/22 13:20:13 Pinging 100.89.128.1 newt | WARN: 2025/06/22 13:20:23 Ping attempt 7 failed: failed to read ICMP packet: i/o timeout ``` --- ### Configurations I've replaces my domain with example.com but i use domain.duckdns.org. **1. Pangolin Server `docker-compose.yml` (on VPS)** ```yaml name: pangolin networks: default: driver: bridge name: pangolin services: crowdsec: # ... crowdsec config ... gerbil: cap_add: - NET_ADMIN - SYS_MODULE command: - --generateAndSaveKeyTo=/var/config/key - --remoteConfig=http://pangolin:3001/api/v1/gerbil/get-config - --reportBandwidthTo=http://pangolin:3001/api/v1/gerbil/receive-bandwidth container_name: gerbil depends_on: pangolin: condition: service_healthy image: fosrl/gerbil:1.0.0 ports: - 51820:51820/udp - 443:443 - 80:80 restart: unless-stopped volumes: - ./config/:/var/config pangolin: # ... pangolin config ... traefik: # ... traefik config ... ``` **2. Pangolin Server `config.yml` (on VPS)** ```yaml app: dashboard_url: "https://pangolin.example.com" log_level: "info" domains: domain1: base_domain: "example.com" cert_resolver: "myresolver" server: secret: "a_very_long_and_random_secret_key" # ... other server config ... traefik: cert_resolver: "myresolver" http_entrypoint: "web" https_entrypoint: "websecure" gerbil: start_port: 51820 base_endpoint: "pangolin.example.com" use_subdomain: true block_size: 24 site_block_size: 30 subnet_group: 100.89.137.0/20 users: server_admin: email: "admin@example.com" password: "a-secure-password" # ... other flags ... ``` **3. Newt Client `docker-compose.yml` (Local Machine)** ```yaml services: gluetun: # ... gluetun config ... newt: image: fosrl/newt container_name: newt restart: unless-stopped network_mode: "service:gluetun" # Routing through VPN depends_on: - gluetun environment: - PANGOLIN_ENDPOINT=https://pangolin.example.com - NEWT_ID=REDACTED - NEWT_SECRET=REDACTED # ... other local services ... ```
GiteaMirror commented 2025-11-13 12:01:03 -06:00
Author
Owner
Copy Link

@oschwartz10612 commented on GitHub (Jun 22, 2025):

Not sure if duckdns is getting in the way here but this is almost always related to UDP port 51820 not being open on your VPS. Please make sure that it is not being blocked either in the VPS provider's website or on linux with ufw, iptables, or nftables.

@oschwartz10612 commented on GitHub (Jun 22, 2025): Not sure if duckdns is getting in the way here but this is almost always related to UDP port 51820 not being open on your VPS. Please make sure that it is not being blocked either in the VPS provider's website or on linux with ufw, iptables, or nftables.
GiteaMirror commented 2025-11-13 12:01:03 -06:00
Author
Owner
Copy Link

@miloschwartz commented on GitHub (Jun 22, 2025):

Also make sure pangolin.example.com resolves to the public IP of the VPS running Pangolin server. You could try setting
use_subdomain: false for Gerbil, and maybe temporarily disabling gluetun on Newt for the sake of debugging.

@miloschwartz commented on GitHub (Jun 22, 2025): Also make sure `pangolin.example.com` resolves to the public IP of the VPS running Pangolin server. You could try setting `use_subdomain: false` for Gerbil, and maybe temporarily disabling gluetun on Newt for the sake of debugging.
GiteaMirror commented 2025-11-13 12:01:03 -06:00
Author
Owner
Copy Link

@Joksa98 commented on GitHub (Jun 22, 2025):

Not sure if duckdns is getting in the way here but this is almost always related to UDP port 51820 not being open on your VPS. Please make sure that it is not being blocked either in the VPS provider's website or on linux with ufw, iptables, or nftables.

Also make sure pangolin.example.com resolves to the public IP of the VPS running Pangolin server. You could try setting use_subdomain: false for Gerbil, and maybe temporarily disabling gluetun on Newt for the sake of debugging.

Thank you very much for your help, i am using ionos VPS and it is by default allowing only esential ports from cloudpanel.
I've added 51820 to the ionos cloud control panel firewall list and it all works, thanks again, have a great day!

@Joksa98 commented on GitHub (Jun 22, 2025): > Not sure if duckdns is getting in the way here but this is almost always related to UDP port 51820 not being open on your VPS. Please make sure that it is not being blocked either in the VPS provider's website or on linux with ufw, iptables, or nftables. > Also make sure `pangolin.example.com` resolves to the public IP of the VPS running Pangolin server. You could try setting `use_subdomain: false` for Gerbil, and maybe temporarily disabling gluetun on Newt for the sake of debugging. Thank you very much for your help, i am using ionos VPS and it is by default allowing only esential ports from cloudpanel. I've added 51820 to the ionos cloud control panel firewall list and it all works, thanks again, have a great day!
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
api
authentication
bug
config
dependencies
docker
documentation
enhancement
good first issue
help wanted
Improvement
Look Into
needs investigating
networking
new feature
non-critical bug
potential bug
pull-request
Mirrored from GitHub Pull Request
 question
reverse proxy
Security
stale
ui
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/pangolin#452
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?