OPNsense Forum

Archive => 22.7 Legacy Series => Topic started by: somebod3983 on August 19, 2022, 01:22:11 pm

Title: 22.7.2 Wireguard service won't start
Post by: somebod3983 on August 19, 2022, 01:22:11 pm

After the upgrade to 22.7.2 the wireguard service no longer starts, I try to manually start it though the web gui and it refuses. I'm using the wireguard-go package, also notice there's a wireguard-tools package I'm assuming both of these are needed they're both installed anyway.

I should also add that it was working in prior versions, I've scoured the log files trying to find any information on why its refusing to start but I've not found anything in the system logs in webgui, is this a bug has anyone else had this problem?

Title: Re: 22.7.2 Wireguard service won't start
Post by: ProximusAl on August 19, 2022, 03:11:55 pm

I upgraded to 22.7.2 and my Wireguard was fine, but I do however use Wireguard-kmod not go.

Title: Re: 22.7.2 Wireguard service won't start
Post by: somebod3983 on August 19, 2022, 03:34:05 pm

I've seen the error message about that but I've no idea how to remove the wireguard-go module there's no uninstall option for that package in the GUI.

Title: Re: 22.7.2 Wireguard service won't start
Post by: mimugmail on August 19, 2022, 04:16:10 pm

Via CLI:

/usr/local/etc/rc.d/wireguard restart

And post the output.
Maybe your previous OPN version was quite old?

Title: Re: 22.7.2 Wireguard service won't start
Post by: Vesalius on August 19, 2022, 05:17:57 pm

@somebod3983 all you need to do to use the WireGuard kernel module is run the command below at the OPNsense cli. No need to uninstall go. May need to restart the service to reestablish any ongoing connections. All current peers and setting in the WireGuard settings gui will be used without any others action needed.

Code: [Select]

pkg install wireguard-kmod

Title: Re: 22.7.2 Wireguard service won't start
Post by: somebod3983 on August 25, 2022, 11:54:45 am

Firstly it seems the problem was a misunderstanding about how the allowed ip's works on the server configuration, the documentation from wireguard is less than clear about this. I removed the extra ip's and the service now starts.

I was after a way of configuring clients to use a split tunnel so that only traffic bound for IP's accessible on the VPN would go through the VPN rather than all traffic, I thought the allowed ip's did that but as it turns out the client has to configure that.

Title: Re: 22.7.2 Wireguard service won't start
Post by: jclendineng on August 29, 2022, 02:37:06 pm

Quote from: Vesalius on August 19, 2022, 05:17:57 pm

@somebod3983 all you need to do to use the WireGuard kernel module is run the command below at the OPNsense cli. No need to uninstall go. May need to restart the service to reestablish any ongoing connections. All current peers and setting in the WireGuard settings gui will be used without any others action needed.

Code: [Select]

pkg install wireguard-kmod

Im assuming the FW needs rebooted after this? Also wireguard go service fails to start, assuming that's OK as kmod is running and everything works just fine.

Title: Re: 22.7.2 Wireguard service won't start
Post by: Vesalius on August 29, 2022, 03:42:20 pm

Quote from: jclendineng on August 29, 2022, 02:37:06 pm

Im assuming the FW needs rebooted after this? Also wireguard go service fails to start, assuming that's OK as kmod is running and everything works just fine.

I do not remember on the first question, sorry.

Yes on the second question, that is the expected behavior. If the Red/stopped WireGuard-Go status bothers you on the dashboard services widget (it did bother me) you can click the edit (pencil) button for that widget and specify that wireguard-go status is no longer shown. Out of sight, out of mind was my fix.