Text only | Text with Images

OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: lagus on March 03, 2022, 09:55:07 PM

Title: Wireguard - No interface, No logging
Post by: lagus on March 03, 2022, 09:55:07 PM
Dear all,

Just updated to:
OPNsense 22.1.2_1-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1m 14 Dec 2021

And already previously I had troubles getting the Wireguard interface up.
Is it somehow colliding with the openVPN service (No openvpn configured but IPSec on my appliance ).
I am unfortunately unable to get any logs from the process.

Code Select
$ wg showconf wg0
Unable to access interface: Device not configured
$ /usr/local/etc/rc.d/wireguard status
Unable to access interface: Device not configured
$

This is from SYSTEM: LOG FILES: GENERAL:
Code Select
2022-03-03T21:47:48 Error opnsense /usr/local/etc/rc.bootup: Unable to configure non-existent interface opt4 (wg0)
2022-03-03T21:47:48 Error opnsense /usr/local/etc/rc.bootup: Executed inline creation of non-existent interface opt4 (wg0)
2022-03-03T21:47:48 Notice opnsense plugins_configure openvpn_prepare (execute task : openvpn_prepare(,wg0))
2022-03-03T21:47:48 Notice opnsense plugins_configure openvpn_prepare (,wg0)
2022-03-03T15:49:14 kernel wg0: link state changed to DOWN
2022-03-03T15:49:13 kernel tun0: changing name to 'wg0'
2022-03-03T15:17:24 kernel wg0: link state changed to DOWN
2022-03-03T15:17:24 kernel tun0: changing name to 'wg0'
2022-03-03T15:16:04 opnsense[34308] /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'wg0' -staticarp' returned exit code '1', the output was 'ifconfig: interface wg0 does not exist'
2022-03-03T15:16:04 opnsense[34308] /usr/local/etc/rc.bootup: The command '/sbin/ifconfig 'wg0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface wg0 does not exist'
2022-03-03T15:16:04 opnsense[34308] plugins_configure openvpn_prepare (execute task : openvpn_prepare(,wg0))
2022-03-03T15:16:04 opnsense[34308] plugins_configure openvpn_prepare (,wg0)
2022-03-03T13:44:01 kernel wg0: link state changed to DOWN
2022-03-03T13:44:01 kernel tun0: changing name to 'wg0'
2022-03-03T13:43:51 kernel wg0: link state changed to DOWN
2022-03-03T13:43:51 kernel tun0: changing name to 'wg0'
2022-03-03T13:41:06 opnsense[33410] /interfaces.php: The command '/usr/sbin/arp -d -i 'wg0' -a > /dev/null 2>&1' returned exit code '1', the output was ''
2022-03-03T13:41:06 opnsense[33410] /interfaces.php: The command '/sbin/ifconfig 'wg0' -staticarp' returned exit code '1', the output was 'ifconfig: interface wg0 does not exist'
2022-03-03T13:41:04 opnsense[33410] /interfaces.php: The command '/sbin/ifconfig 'wg0' inet6 -accept_rtadv' returned exit code '1', the output was 'ifconfig: interface wg0 does not exist'
2022-03-03T13:41:04 opnsense[33410] plugins_configure openvpn_prepare (execute task : openvpn_prepare(,wg0))


What is wrong?
Title: Re: Wireguard - No interface, No logging
Post by: mimugmail on March 04, 2022, 07:29:20 AM
Screenshots of your config please :)
Title: Re: Wireguard - No interface, No logging
Post by: lagus on March 04, 2022, 02:36:34 PM
Local and Enpoints configurations attached.
Thanks for looking at it.
Title: Re: Wireguard - No interface, No logging
Post by: mimugmail on March 05, 2022, 05:56:55 AM
/usr/local/etc/rc.d/wireguard restart via console please
Title: Re: Wireguard - No interface, No logging
Post by: lagus on March 05, 2022, 08:27:38 PM
Code Select
root@muminpappa:~ # /usr/local/etc/rc.d/wireguard restart
wg-quick: `wg0' is not a WireGuard interface
[#] ifconfig wg create name wg0
[!] Missing WireGuard kernel support (ifconfig: SIOCIFCREATE2: Invalid argument). Falling back to slow userspace implementation.
[#] wireguard-go wg0
┌──────────────────────────────────────────────────────┐
│                                                      │
│   Running wireguard-go is not required because this  │
│   kernel has first class support for WireGuard. For  │
│   information on installing the kernel module,       │
│   please visit:                                      │
│         https://www.wireguard.com/install/           │
│                                                      │
└──────────────────────────────────────────────────────┘
[#] wg setconf wg0 /dev/stdin
[#] ifconfig wg0 inet 192.168.19.16/28 alias
[#] ifconfig wg0 mtu 1420
[#] ifconfig wg0 up
[#] route -q -n add -inet 192.168.10.0/24 -interface wg0
[#] rm -f /var/run/wireguard/wg0.sock
root@muminpappa:~ #
Title: Re: Wireguard - No interface, No logging
Post by: mimugmail on March 06, 2022, 07:26:13 AM
Can you check your routing table about overlapping networks or ifconfig for overlapping IPs. Usually this happens when OpenVPN is using the same network. FreeBSD is a bit more of a diva
Title: Re: Wireguard - No interface, No logging
Post by: lagus on March 07, 2022, 08:25:41 AM
Quote from: mimugmail on March 06, 2022, 07:26:13 AM
FreeBSD is a bit more of a diva

No ***, yeah. that was the error.
No error message, no notification, just won't start.
This is unfortunately stuff that is pushing users (less experienced) to other solutions.

Thank you so very much for your help mimugmail!
This fixed it for both my appliances and it's now working correctly!
Title: Re: Wireguard - No interface, No logging
Post by: mimugmail on March 07, 2022, 10:09:06 AM
I'd always prefer IPsec and OpenVPN over WireGuard .. no matter if I wrote the plugin. :)
Title: Re: Wireguard - No interface, No logging
Post by: lagus on March 07, 2022, 11:19:53 AM
Okay..  :)

I had no better option as they don't play that nice with dynamic public IPs (4g connection.
Wireguard accept and run with a FQDN dynamically updated.

Many thanks 👍
Title: Re: Wireguard - No interface, No logging
Post by: katamadone [CH] on May 04, 2023, 06:49:48 PM
thank you - was trying to configure wireguard along with the openvpn connection for side to side.
I wondered why I see neverever something coming up.
When I deselected the LAN addresses in the allow list, the tunnel was up pretty fast.
Text only | Text with Images