Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - H3n

Pages1
#1
24.1, 24.4 Legacy Series / Re: 24.1.2 Wireguard does not work after updating
February 21, 2024, 09:12:43 AM
Analyzed further on my end and noticed that wireguard on my backup fw was still working (even after upgrading).
Inspected firewall rules and noticed that all rules for the wireguard interface went missing.

re-created the rules, now wireguard is exchanging traffic again and working.

Now only CARP for wireguard is not working.
#2
24.1, 24.4 Legacy Series / Re: 24.1.2 Wireguard does not work after updating
February 20, 2024, 09:25:42 PM
Quote from: franco on February 20, 2024, 08:11:23 PM
All a bit strange. Is this perhaps a kernel issue?

# opnsense-update -kr 24.1
# opnsense-shell reboot


Cheers,
Franco

Tested this, still not working (sadly).
Within my android client i see:
"WireGuard/GoBackend/vpn: peer(hash) - Receiving keepalive packet."

Still nothing within the wireguard logs on opnsense
#3
24.1, 24.4 Legacy Series / 24.1.2 Wireguard does not work after updating
February 20, 2024, 06:37:11 PM
Hi together,

just updated to 24.1.2 and noticed that wireguard will stop receiving traffic after initial handshake.
Logs on Debug sadly do not spit anything specific out:

Code Select
2024-02-20T18:24:59 Notice wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt3'
2024-02-20T18:24:59 Notice wireguard wireguard instance vpn.fwh02.local (wg1) started
2024-02-20T18:24:59 Notice wireguard wireguard instance vpn.fwh02.local (wg1) stopped
2024-02-20T18:24:59 Notice wireguard wireguard instance vpn.fwh02.local (wg1) can not reconfigure without stopping it first.
2024-02-20T18:24:52 Notice wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt3'
2024-02-20T18:24:52 Notice wireguard wireguard instance vpn.fwh02.local (wg1) started
2024-02-20T18:24:51 Notice wireguard wireguard instance vpn.fwh02.local (wg1) stopped
2024-02-20T18:24:51 Notice wireguard wireguard instance vpn.fwh02.local (wg1) can not reconfigure without stopping it first.

Looking into the system logs I see an issue with the CARP ip. Disabled and Removing this does not help:

Code Select
2024-02-20T17:54:11 Error opnsense /usr/local/opnsense/scripts/interfaces/carp_set_status.php: The command '/sbin/ifconfig wg1 '10.0.1.1'/'24' alias vhid '3'' returned exit code '1', the output was 'ifconfig: SIOCGVH: Operation not supported'
2024-02-20T17:54:11 Error opnsense /usr/local/opnsense/scripts/interfaces/carp_set_status.php: The command '/sbin/ifconfig wg1 vhid '3' advskew '0' advbase '1' pass '**PASSWORD**'' returned exit code '1', the output was 'ifconfig: SIOCGVH: Operation not supported'

Does anyone face the same issue?
#4
23.7 Legacy Series / Re: Unbound crashing
December 20, 2023, 11:18:22 AM
Running into the same issue.
Our current workaround is that we do have a scheduled reboot each night, hoping that we resolve the issue.

We notice that the # of process rise as soon as the error message pops up



Is it possible to set `so-reuseport: no` via GUI?
Pages1