I don't know if it happened after upgrading Site A or Site B. I should have checked before upgrading Site B but I forgot after chasing this wild goose (https://forum.opnsense.org/index.php?topic=38573.0) for a few hours.
In any case, Site A has several peers in a "road warrior" setup. These work without a hitch. There is a peer for another OPNsense box (Site B) for an S2S which is down.
I have a backdoor via SSH and port forward, so I'm still able to access the OPNsense interface on Site B that way.
I checked firewall rules on both ends, no changes here.
I checked and verified public keys between instance B and its peer on A and vice versa. Pasted them to be sure and confirmed, restarted WireGuard. No change.
I can see one error in the logging on both ends and it has been there since forever. It still appears:
2024-02-03T15:34:17 Error wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: not a valid interface gateway address: ''
I doubt that has anything to do with today's issues.
Tcpdump shows packets on both sites on their outside interfaces but the handshake never completes.
What else can I do? I see nothing in the logging, keys are correct, packets are flowing?
Solved it!
Don't ask why but the gateway was gone and on the interface it was set to "automatic".
I had to recreate the gateway and reconfigure it on the interface and things started working again.
Quote from: securid on February 03, 2024, 04:46:19 PM
Solved it!
Don't ask why but the gateway was gone and on the interface it was set to "automatic".
I had to recreate the gateway and reconfigure it on the interface and things started working again.
I am facing a similar issue. Do you mean the site-to-site gateway was gone?