Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - bobbythomas

Pages: 1 [2] 3 4 ... 9

20.7 Legacy Series / Re: Wireguard not working after upgrade.

« on: August 03, 2020, 12:57:04 pm »

Quote from: mimugmail on August 03, 2020, 12:43:19 pm

But it points to wireguard interface .. can you remove it?

Yeah, I'll remove that, not sure why it's not working now, it was working previously with the same config in 20.1. I will remove that and try.

Thanks and regards,
Bobby Thomas

20.7 Legacy Series / Re: Wireguard not working after upgrade.

« on: August 03, 2020, 12:42:25 pm »

Quote from: mimugmail on August 03, 2020, 12:35:44 pm

route -q -n add -inet 192.168.2.0/24 -interface wg0

Is this your LAN?

No that's my Zerotier Network. I wanted to access devices in the Zerotier Network when I'm connected to the vpn.

20.7 Legacy Series / Re: Wireguard not working after upgrade.

« on: August 03, 2020, 11:30:30 am »

Quote from: mimugmail on August 03, 2020, 09:59:48 am

Quote from: bobbythomas on August 02, 2020, 08:16:50 pm
Hi Michael,

I tried the same using service wireguard restart and the method you mentioned here but the result is same, the service is not coming up. Do I need to reboot the system manually after upgrade?

Regards,
Bobby Thomas

/usr/local/etc/rc.d/wireguard restart

Via console

I need this output

Sorry I thought you wanted to know the status of the service after entering that command. Below is the output of the command.

Quote

root@firewall:~ # /usr/local/etc/rc.d/wireguard restart
wg-quick: `wg0' is not a WireGuard interface
wireguard-go wg0

INFO: (wg0) 2020/08/03 14:56:06 Starting wireguard-go version 0.0.20200320
wg setconf wg0 /tmp/tmp.UtpkrEW8/sh-np.dztf3d
ifconfig wg0 inet 10.1.1.1/32 10.1.1.1 alias
ifconfig wg0 mtu 1420
ifconfig wg0 up
route -q -n add -inet 10.1.1.3/32 -interface wg0
route -q -n add -inet 10.1.1.2/32 -interface wg0
route -q -n add -inet 10.1.1.1/32 -interface wg0
route -q -n add -inet 192.168.2.0/24 -interface wg0
rm -f /var/run/wireguard/wg0.sock

root@firewall:~ #

By the by, I tried a manual restart and the issue still persist.

Thank you,
Regards,
Bobby Thomas

20.7 Legacy Series / Re: Wireguard not working after upgrade.

« on: August 02, 2020, 08:16:50 pm »

Hi Michael,

I tried the same using service wireguard restart and the method you mentioned here but the result is same, the service is not coming up. Do I need to reboot the system manually after upgrade?

Regards,
Bobby Thomas

20.7 Legacy Series / [SOLVED] Wireguard not working after upgrade.

« on: August 02, 2020, 06:04:01 pm »

Hi All,

I just upgraded my firewall from 20.1.9 to 20.7, the upgrade went smooth. The only issue I am seeing is with the wireguard vpn. After the upgrade the wireguard vpn service was showing down, but when I tried to start the service it's not starting. So I went through the logs and I found below.

Code: [Select]

root@firewall:~ # cat /var/log/system.log | grep wg
Aug  2 20:52:13 firewall kernel: tun0: changing name to 'wg0'
Aug  2 20:52:13 firewall kernel: wg0: deletion failed: 3
Aug  2 20:52:13 firewall kernel: wg0: link state changed to DOWN
Aug  2 20:56:30 firewall kernel: tun0: changing name to 'wg0'
Aug  2 20:56:30 firewall kernel: wg0: deletion failed: 3
Aug  2 20:56:30 firewall kernel: wg0: link state changed to DOWN
Aug  2 20:58:07 firewall kernel: tun0: changing name to 'wg0'
Aug  2 20:58:08 firewall kernel: wg0: deletion failed: 3
Aug  2 20:58:08 firewall kernel: wg0: link state changed to DOWN
Aug  2 21:12:08 firewall kernel: tun0: changing name to 'wg0'
Aug  2 21:12:09 firewall kernel: wg0: deletion failed: 3
Aug  2 21:12:09 firewall kernel: wg0: link state changed to DOWN
Aug  2 21:13:46 firewall kernel: tun0: changing name to 'wg0'
Aug  2 21:13:46 firewall kernel: wg0: deletion failed: 3
Aug  2 21:13:46 firewall kernel: wg0: link state changed to DOWN
Aug  2 20:01:26 firewall kernel: ifa_maintain_loopback_route: deletion failed for interface wg0: 3
Aug  2 20:01:26 firewall kernel: wg0: link state changed to DOWN

Is this some kind of bug? It seems to me like the system is unable to rename the tunnel interface.

Any help is appreciated.

Thank you,
Regards,
Bobby Thomas

20.1 Legacy Series / Re: Dynamic DNS issue (no-ip)

« on: July 04, 2020, 12:51:18 pm »

Looks like a new patch released today. 20.1.8.1 which has the fix. Check that out.

https://twitter.com/opnsense/status/1279363581470027776?s=19

Sent from my ONEPLUS A5000 using Tapatalk

Hardware and Performance / Re: OPNsense 20.1 on RaspberryPI 3

« on: November 25, 2019, 09:24:46 am »

Quote from: rene_ on November 08, 2019, 10:45:30 am

Oh, okay ... just asking, because theoretically this image should also run on a pi4, which has a lot more power, but i also don't ordered one yet ^^

I have a 4GB RPi4, I will let you know if this image works on RPi4.

Regards,
Bobby Thomas

19.7 Legacy Series / Re: Wireguard Unstable

« on: November 01, 2019, 01:23:17 pm »

Ok I just tried now and it's still not connecting. I even restarted the Wireguard service but that didn't make any difference. Not sure what I need to fix this issue. I will also give it a try with a different port.

Thank you,
Regards,
Bobby Thomas

19.7 Legacy Series / Re: Wireguard Unstable

« on: November 01, 2019, 12:36:39 pm »

Thank you Michael, I updated tunnel ip addresses in endpoint configs to /32. But it seems like my internet went down and I am now unable to connect to my OPNsense from remote. I will update the status once connectivity is back.

Thank you,
Regards,
Bobby Thomas

19.7 Legacy Series / Re: Wireguard Unstable

« on: November 01, 2019, 12:09:14 pm »

I was trying different settings and I just checked that to see if it would make any difference.

Please see the Endpoint config from OPNsense attached.

Thank you,
Regards,
Bobby Thomas

19.7 Legacy Series / Re: Wireguard Unstable

« on: November 01, 2019, 11:53:12 am »

Quote from: mimugmail on November 01, 2019, 09:42:58 am

Screenshots of local instance and endpoints please

Please see attached.

Also see the below logs from the Wireguard client while trying to connect.

Code: [Select]

2019-11-01 05:36:06.221: [MGR] Update checker: Get https://download.wireguard.com/windows-client/latest.sig: dial tcp: lookup download.wireguard.com: no such host
2019-11-01 05:37:16.888: [TUN] [wireguard] Starting WireGuard/0.0.35 (Windows 6.3.9600; amd64)
2019-11-01 05:37:16.889: [TUN] [wireguard] Watching network interfaces
2019-11-01 05:37:16.917: [TUN] [wireguard] Resolving DNS names
2019-11-01 05:37:16.969: [TUN] [wireguard] Creating Wintun interface
2019-11-01 05:37:20.405: [TUN] [wireguard] Using Wintun/0.7 (NDIS 6.40)
2019-11-01 05:37:20.504: [TUN] [wireguard] Enabling firewall rules
2019-11-01 05:37:20.663: [TUN] [wireguard] Dropping privileges
2019-11-01 05:37:20.711: [TUN] [wireguard] Creating interface instance
2019-11-01 05:37:20.712: [TUN] [wireguard] Routine: event worker - started
2019-11-01 05:37:20.714: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.716: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.717: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.719: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.720: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.722: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.724: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.725: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.727: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.728: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.730: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.731: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.733: [TUN] [wireguard] Routine: TUN reader - started
2019-11-01 05:37:20.741: [TUN] [wireguard] Setting interface configuration
2019-11-01 05:37:20.744: [TUN] [wireguard] UAPI: Updating private key
2019-11-01 05:37:20.760: [TUN] [wireguard] UAPI: Updating listen port
2019-11-01 05:37:20.774: [TUN] [wireguard] UAPI: Removing all peers
2019-11-01 05:37:20.776: [TUN] [wireguard] UAPI: Transition to peer configuration
2019-11-01 05:37:20.791: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Created
2019-11-01 05:37:20.792: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Updating endpoint
2019-11-01 05:37:20.793: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Updating persistent keepalive interval
2019-11-01 05:37:20.794: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Removing all allowedips
2019-11-01 05:37:20.805: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.806: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.808: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.808: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.821: [TUN] [wireguard] peer(TIZw…s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.822: [TUN] [wireguard] Bringing peers up
2019-11-01 05:37:20.824: [TUN] [wireguard] Routine: receive incoming IPv6 - started
2019-11-01 05:37:20.826: [TUN] [wireguard] Routine: receive incoming IPv4 - started
2019-11-01 05:37:20.828: [TUN] [wireguard] UDP bind has been updated
2019-11-01 05:37:20.840: [TUN] [wireguard] peer(TIZw…s6BE) - Starting...
2019-11-01 05:37:20.840: [TUN] [wireguard] peer(TIZw…s6BE) - Routine: sequential receiver - started
2019-11-01 05:37:20.842: [TUN] [wireguard] peer(TIZw…s6BE) - Routine: nonce worker - started
2019-11-01 05:37:20.844: [TUN] [wireguard] peer(TIZw…s6BE) - Routine: sequential sender - started
2019-11-01 05:37:20.847: [TUN] [wireguard] Monitoring default v4 routes
2019-11-01 05:37:21.125: [TUN] [wireguard] Binding v4 socket to interface 6 (blackhole=false)
2019-11-01 05:37:21.224: [TUN] [wireguard] Setting device v4 addresses
2019-11-01 05:37:21.712: [TUN] [wireguard] Monitoring default v6 routes
2019-11-01 05:37:21.712: [TUN] [wireguard] Binding v6 socket to interface 0 (blackhole=false)
2019-11-01 05:37:21.714: [TUN] [wireguard] Setting device v6 addresses
2019-11-01 05:37:21.944: [TUN] [wireguard] Listening for UAPI requests
2019-11-01 05:37:21.945: [TUN] [wireguard] Startup complete
2019-11-01 05:37:25.412: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:37:25.445: [TUN] [wireguard] peer(TIZw…s6BE) - Awaiting keypair
2019-11-01 05:37:30.512: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:37:35.675: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:35.675: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:37:40.759: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:37:45.942: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:45.942: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:37:51.195: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:51.196: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:37:56.523: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:56.524: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:01.608: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:01.621: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:06.927: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:06.928: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:12.014: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:17.158: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:17.158: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:22.451: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:22.454: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:27.663: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:32.742: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:32.742: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:37.639: [MGR] [wireguard] Tunnel service tracker finished
2019-11-01 05:38:37.869: [TUN] [wireguard] peer(TIZw…s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:37.935: [TUN] [wireguard] peer(TIZw…s6BE) - Sending handshake initiation
2019-11-01 05:38:38.394: [TUN] [wireguard] Device closing
2019-11-01 05:38:38.441: [TUN] [wireguard] Routine: TUN reader - stopped
2019-11-01 05:38:41.230: [TUN] [wireguard] Routine: event worker - stopped
2019-11-01 05:38:41.237: [TUN] [wireguard] Routine: receive incoming IPv4 - stopped
2019-11-01 05:38:41.241: [TUN] [wireguard] Routine: receive incoming IPv6 - stopped
2019-11-01 05:38:41.242: [TUN] [wireguard] peer(TIZw…s6BE) - Stopping...
2019-11-01 05:38:41.243: [TUN] [wireguard] peer(TIZw…s6BE) - Routine: sequential receiver - stopped
2019-11-01 05:38:41.245: [TUN] [wireguard] peer(TIZw…s6BE) - Routine: nonce worker - stopped
2019-11-01 05:38:41.247: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.251: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.257: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.258: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.260: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.261: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.263: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.268: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.274: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.277: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.278: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.280: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.306: [TUN] [wireguard] peer(TIZw…s6BE) - Routine: sequential sender - stopped
2019-11-01 05:38:41.308: [TUN] [wireguard] Interface closed
2019-11-01 05:38:41.309: [TUN] [wireguard] Shutting down

19.7 Legacy Series / Re: Wireguard Unstable

« on: November 01, 2019, 08:40:19 am »

Thank you Michael for the quick response. It was not really an occassion, but I was trying to connect to it from my mobile and laptop with same profile (same peer config with only IP address change) and I was only able to connect it from my laptop. Earlier it used to connect from both and if I use only one device to connect to VPN then there will be no issues, but there will be handshake issues if both of them connect at the same time and because of that I used to see packet drops (because of same public key config). I was only able to connect to VPN once after the change to stable version and not from my mobile. I tried capturing data and vould see traffic coming from my mobile or laptop on udp 51820 port but there was no handshakes. I was only seeing handshake sent from peer end but nothing received. Any suggestions?

Thank you,
Regards,
Bobby Thomas

19.7 Legacy Series / Wireguard Unstable

« on: October 31, 2019, 11:31:13 pm »

Hi All,

I have been using Wireguard dev for a while and recently mived to the stable build but after moving to the stable build wireguard has become unstable. Most of the times it won't establish the connection with the server only in one occasion it was able to establish the connection there were no changes in the config and I have even tried uninstalling and doing a fresh install, still thar didn't work. How can view the Wireguard logs? It's seems really hard to troubleshoot Wireguard connectivity issues.

Thanks in advance.

Regards,
Bobby Thomas

Hardware and Performance / Re: [Working] OPNsense Ported into ARM Devices

« on: June 25, 2019, 09:12:09 am »

Quote from: chemlud on June 25, 2019, 08:58:41 am

Quote
I have ordered this one and I should expect it by this week or next. Since RPI 4 is here with better Specs (Cortex A72 ARM-V8, Gigabit Ethernet, LPDDR4, USB3, Wifi AC) this should be ideal to run OPNsense and FreeBSD. Can we expect some development for this board soon?

Have a look at raspi 3, there is no working BSD-sense image yet, as the hardware is not really supported by the OS yet. Assume the same to happen for raspi 4...

I think we would see more development for this little guy as it is one of the best hardware released by RPI team.

Hardware and Performance / Re: [Working] OPNsense Ported into ARM Devices

« on: June 25, 2019, 12:10:07 am »

Quote from: chemlud on June 24, 2019, 09:24:32 am

Good news!

https://cdn.shopify.com/s/files/1/1560/1473/files/Inside_Raspberry_Pi_4.pdf?2142

...but how long will it take till the support will reach BSD? :-(

I have ordered this one and I should expect it by this week or next. Since RPI 4 is here with better Specs (Cortex A72 ARM-V8, Gigabit Ethernet, LPDDR4, USB3, Wifi AC) this should be ideal to run OPNsense and FreeBSD. Can we expect some development for this board soon?

Pages: 1 [2] 3 4 ... 9