Hello all,
Is there a better log to be looking at, on the WG client or server side, to troubleshoot problem connections? The Log File in OPNsense tells me close to nothing when trying to understand why a client connection is not working.
Thanks,
Steve
+1
It appears that WireGuard connection logging is nonexistent by design. See https://forum.opnsense.org/index.php?topic=43997.0
But I would think that some type of basic connection/handshake logging would be possible from within OPNsense because the GUI is able to show the connection status and the last handshake age.
Quote from: joezeppy on June 21, 2025, 01:26:41 PM
It appears that wireguard connection logging is not existent by design. see https://forum.opnsense.org/index.php?topic=43997.0
But I would think that some type of basic connection/handshake logging would be possible from within OPNsense because the GUI is able to show the connection status and the last handshake age.
Isn't that simply processing the Output of (assuming wg1 is your Wireguard Interface):
wg show wg1 dump
Or possibly just grepping the Human Readable Output
But I guess easiest is for X = 1 ... 8 (depending on which Field you want to analyze)
wg show wg1 dump | tail -n1 | awk '{print $X}'
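The one-liner above reads a single field of the last peer; as an added example (not part of any post in this thread), the same dump can be turned into one log line per peer. The field layout follows wg(8); the function names, the `STALE_AFTER` threshold and the sample dump with placeholder keys are constructed for illustration.

```shell
#!/bin/sh
# Summarise peers from `wg show <if> dump` as log-friendly lines.
# wg(8) dump layout: line 1 is the interface (its PRIVATE key is field 1).
# Peer lines are tab-separated: public-key, preshared-key, endpoint,
# allowed-ips, latest-handshake (epoch seconds, 0 = never), rx, tx, keepalive.

STALE_AFTER=180   # assumed threshold in seconds, tune to your keepalive

# peer_status NOW : reads dump text on stdin, prints one line per peer.
# It skips line 1 and never prints field 2, so no key material is logged.
peer_status() {
    awk -F '\t' -v now="$1" -v stale="$STALE_AFTER" '
        NR == 1 { next }    # interface line, contains the private key
        NF < 8  { next }    # not a complete peer line
        {
            hs = $5 + 0
            if (hs == 0)               { state = "never"; age = "-" }
            else if (now - hs > stale) { state = "stale"; age = now - hs }
            else                       { state = "ok";    age = now - hs }
            printf "peer=%s endpoint=%s age=%s rx=%s tx=%s state=%s\n",
                   $1, $3, age, $6, $7, state
        }'
}

# Constructed sample dump; all keys are placeholders, not real key material.
sample_dump() {
    printf 'PRIVKEY_PLACEHOLDER\tIFACE_PUBKEY\t51820\toff\n'
    printf 'PEER_A_PUBKEY\t(none)\t198.51.100.7:40212\t10.0.0.2/32\t1750500000\t9120\t14332\t25\n'
    printf 'PEER_B_PUBKEY\tPSK_PLACEHOLDER\t203.0.113.9:51820\t10.0.0.3/32\t1750490000\t512\t768\toff\n'
    printf 'PEER_C_PUBKEY\t(none)\t(none)\t10.0.0.4/32\t0\t0\t0\toff\n'
}

# Offline demo with a fixed clock value. On a live system, for example from cron:
#   wg show wg1 dump | peer_status "$(date +%s)" | logger -t wg-peers
sample_dump | peer_status 1750500060
```

A peer that stays at `state=never` while its client is trying to connect has not completed a handshake, which usually points to a key mismatch or blocked UDP rather than a routing problem.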