Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - H3n

Pages: [1]

24.1 Legacy Series / Re: 24.1.2 Wireguard does not work after updating

« on: February 21, 2024, 09:12:43 am »

Analyzed further on my end and noticed that wireguard on my backup fw was still working (even after upgrading).
Inspected firewall rules and noticed that all rules for the wireguard interface went missing.

re-created the rules, now wireguard is exchanging traffic again and working.

Now only CARP for wireguard is not working.

24.1 Legacy Series / Re: 24.1.2 Wireguard does not work after updating

« on: February 20, 2024, 09:25:42 pm »

Quote from: franco on February 20, 2024, 08:11:23 pm

All a bit strange. Is this perhaps a kernel issue?

# opnsense-update -kr 24.1
# opnsense-shell reboot

Cheers,
Franco

Tested this, still not working (sadly).
Within my android client i see:
"WireGuard/GoBackend/vpn: peer(hash) - Receiving keepalive packet."

Still nothing within the wireguard logs on opnsense

24.1 Legacy Series / 24.1.2 Wireguard does not work after updating

« on: February 20, 2024, 06:37:11 pm »

Hi together,

just updated to 24.1.2 and noticed that wireguard will stop receiving traffic after initial handshake.
Logs on Debug sadly do not spit anything specific out:

Code: [Select]

2024-02-20T18:24:59	Notice	wireguard	/usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt3'	
2024-02-20T18:24:59	Notice	wireguard	wireguard instance vpn.fwh02.local (wg1) started	
2024-02-20T18:24:59	Notice	wireguard	wireguard instance vpn.fwh02.local (wg1) stopped	
2024-02-20T18:24:59	Notice	wireguard	wireguard instance vpn.fwh02.local (wg1) can not reconfigure without stopping it first.	
2024-02-20T18:24:52	Notice	wireguard	/usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt3'	
2024-02-20T18:24:52	Notice	wireguard	wireguard instance vpn.fwh02.local (wg1) started	
2024-02-20T18:24:51	Notice	wireguard	wireguard instance vpn.fwh02.local (wg1) stopped	
2024-02-20T18:24:51	Notice	wireguard	wireguard instance vpn.fwh02.local (wg1) can not reconfigure without stopping it first.

Looking into the system logs I see an issue with the CARP ip. Disabled and Removing this does not help:

Code: [Select]

2024-02-20T17:54:11	Error	opnsense	/usr/local/opnsense/scripts/interfaces/carp_set_status.php: The command '/sbin/ifconfig wg1 '10.0.1.1'/'24' alias vhid '3'' returned exit code '1', the output was 'ifconfig: SIOCGVH: Operation not supported'	
2024-02-20T17:54:11	Error	opnsense	/usr/local/opnsense/scripts/interfaces/carp_set_status.php: The command '/sbin/ifconfig wg1 vhid '3' advskew '0' advbase '1' pass '**PASSWORD**'' returned exit code '1', the output was 'ifconfig: SIOCGVH: Operation not supported'

Does anyone face the same issue?

23.7 Legacy Series / Re: Unbound crashing

« on: December 20, 2023, 11:18:22 am »

Running into the same issue.
Our current workaround is that we do have a scheduled reboot each night, hoping that we resolve the issue.

We notice that the # of process rise as soon as the error message pops up

Is it possible to set `so-reuseport: no` via GUI?

Pages: [1]