Messages - bobbythomas

#16
Quote from: mimugmail on August 03, 2020, 01:07:15 PM
route -q -n add -inet 192.168.1.0/24 -interface wg0

The line above indicates that this should be a network on the other side of the VPN tunnel.
If one of your local interfaces has this network, wireguard will break. In 20.1 it seems FreeBSD just ignored this.

Got it. After removing LAN and restarting the service, the Wireguard service came back online. Is this how it should be configured?

Thanks and regards,
Bobby Thomas
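
The condition mimugmail describes above (an AllowedIPs network that is also configured on a local interface) can be checked before restarting the service. This is an added example, not part of the original posts or of OPNsense: the config text is constructed from the addresses in this thread, and the interface name `em0`, its address and the peer grouping are assumptions.

```python
import ipaddress

# Constructed sample: addresses and port come from this thread; which peer
# carries which AllowedIPs entry is assumed. Keys are omitted on purpose.
SAMPLE_CONF = """\
[Interface]
Address = 10.1.1.1/32
ListenPort = 51820

[Peer]
AllowedIPs = 10.1.1.2/32

[Peer]
AllowedIPs = 10.1.1.3/32, 192.168.1.0/24
"""

# Hypothetical local (non-WireGuard) interface: name and host address assumed.
LOCAL_INTERFACES = {"em0": "192.168.1.1/24"}


def parse_allowed_ips(conf_text):
    """Return [(peer_number, network)] for each AllowedIPs entry in a wg-quick style config."""
    entries, peer = [], 0
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.lower() == "[peer]":
            peer += 1
        elif "=" in line and peer:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "allowedips":
                for item in value.split(","):
                    if item.strip():
                        net = ipaddress.ip_network(item.strip(), strict=False)
                        entries.append((peer, net))
    return entries


def find_conflicts(conf_text, local_interfaces):
    """List AllowedIPs networks that overlap a network already on a local interface."""
    local = {name: ipaddress.ip_interface(addr).network
             for name, addr in local_interfaces.items()}
    conflicts = []
    for peer, net in parse_allowed_ips(conf_text):
        for name, local_net in local.items():
            # Each conflict means a tunnel route would shadow a directly connected network.
            if net.version == local_net.version and net.overlaps(local_net):
                conflicts.append((peer, str(net), name, str(local_net)))
    return conflicts


if __name__ == "__main__":
    for peer, net, name, local_net in find_conflicts(SAMPLE_CONF, LOCAL_INTERFACES):
        print(f"peer {peer}: AllowedIPs {net} overlaps {local_net} on {name}")
```
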
#17
Quote from: bobbythomas on August 03, 2020, 12:57:04 PM
Quote from: mimugmail on August 03, 2020, 12:43:19 PM
But it points to wireguard interface .. can you remove it?

Yeah, I'll remove that, not sure why it's not working now, it was working previously with the same config in 20.1. I will remove that and try.

Thanks and regards,
Bobby Thomas

I removed it, still the service is down.

Quote
root@firewall:~ # service wireguard restart
wg-quick: `wg0' is not a WireGuard interface
[#] wireguard-go wg0
INFO: (wg0) 2020/08/03 16:29:35 Starting wireguard-go version 0.0.20200320
[#] wg setconf wg0 /tmp/tmp.HQjWBJgx/sh-np.rUTYLg
[#] ifconfig wg0 inet 10.1.1.1/32 10.1.1.1 alias
[#] ifconfig wg0 mtu 1420
[#] ifconfig wg0 up
[#] route -q -n add -inet 10.1.1.3/32 -interface wg0
[#] route -q -n add -inet 10.1.1.2/32 -interface wg0
[#] route -q -n add -inet 10.1.1.1/32 -interface wg0
[#] route -q -n add -inet 192.168.1.0/24 -interface wg0
[#] rm -f /var/run/wireguard/wg0.sock
root@firewall:~ #

Do I need to remove LAN (192.168.1.0/24)?

Thank you,
Regards,
Bobby Thomas
#18
Quote from: mimugmail on August 03, 2020, 12:43:19 PM
But it points to wireguard interface .. can you remove it?

Yeah, I'll remove that, not sure why it's not working now, it was working previously with the same config in 20.1. I will remove that and try.

Thanks and regards,
Bobby Thomas
#19
Quote from: mimugmail on August 03, 2020, 12:35:44 PM
route -q -n add -inet 192.168.2.0/24 -interface wg0

Is this your LAN?

No that's my Zerotier Network. I wanted to access devices in the Zerotier Network when I'm connected to the vpn.
#20
Quote from: mimugmail on August 03, 2020, 09:59:48 AM
Quote from: bobbythomas on August 02, 2020, 08:16:50 PM
Hi Michael,

I tried the same using service wireguard restart and the method you mentioned here, but the result is the same: the service is not coming up. Do I need to reboot the system manually after the upgrade?

Regards,
Bobby Thomas

/usr/local/etc/rc.d/wireguard restart

Via console

I need this output

Sorry I thought you wanted to know the status of the service after entering that command. Below is the output of the command.

Quote
root@firewall:~ # /usr/local/etc/rc.d/wireguard restart
wg-quick: `wg0' is not a WireGuard interface
[#] wireguard-go wg0
INFO: (wg0) 2020/08/03 14:56:06 Starting wireguard-go version 0.0.20200320
[#] wg setconf wg0 /tmp/tmp.UtpkrEW8/sh-np.dztf3d
[#] ifconfig wg0 inet 10.1.1.1/32 10.1.1.1 alias
[#] ifconfig wg0 mtu 1420
[#] ifconfig wg0 up
[#] route -q -n add -inet 10.1.1.3/32 -interface wg0
[#] route -q -n add -inet 10.1.1.2/32 -interface wg0
[#] route -q -n add -inet 10.1.1.1/32 -interface wg0
[#] route -q -n add -inet 192.168.2.0/24 -interface wg0
[#] rm -f /var/run/wireguard/wg0.sock
root@firewall:~ #

By the by, I tried a manual restart and the issue still persists.

Thank you,
Regards,
Bobby Thomas
#21
Hi Michael,

I tried the same using service wireguard restart and the method you mentioned here, but the result is the same: the service is not coming up. Do I need to reboot the system manually after the upgrade?

Regards,
Bobby Thomas
#22
Hi All,

I just upgraded my firewall from 20.1.9 to 20.7, and the upgrade went smoothly. The only issue I am seeing is with the wireguard vpn. After the upgrade the wireguard vpn service was showing down, but when I tried to start the service it's not starting. So I went through the logs and I found the below.


root@firewall:~ # cat /var/log/system.log | grep wg
Aug  2 20:52:13 firewall kernel: tun0: changing name to 'wg0'
Aug  2 20:52:13 firewall kernel: wg0: deletion failed: 3
Aug  2 20:52:13 firewall kernel: wg0: link state changed to DOWN
Aug  2 20:56:30 firewall kernel: tun0: changing name to 'wg0'
Aug  2 20:56:30 firewall kernel: wg0: deletion failed: 3
Aug  2 20:56:30 firewall kernel: wg0: link state changed to DOWN
Aug  2 20:58:07 firewall kernel: tun0: changing name to 'wg0'
Aug  2 20:58:08 firewall kernel: wg0: deletion failed: 3
Aug  2 20:58:08 firewall kernel: wg0: link state changed to DOWN
Aug  2 21:12:08 firewall kernel: tun0: changing name to 'wg0'
Aug  2 21:12:09 firewall kernel: wg0: deletion failed: 3
Aug  2 21:12:09 firewall kernel: wg0: link state changed to DOWN
Aug  2 21:13:46 firewall kernel: tun0: changing name to 'wg0'
Aug  2 21:13:46 firewall kernel: wg0: deletion failed: 3
Aug  2 21:13:46 firewall kernel: wg0: link state changed to DOWN
Aug  2 20:01:26 firewall kernel: ifa_maintain_loopback_route: deletion failed for interface wg0: 3
Aug  2 20:01:26 firewall kernel: wg0: link state changed to DOWN


Is this some kind of bug? It seems to me like the system is unable to rename the tunnel interface.

Any help is appreciated.

Thank you,
Regards,
Bobby Thomas
#23
20.1 Legacy Series / Re: Dynamic DNS issue (no-ip)
July 04, 2020, 12:51:18 PM
Looks like a new patch was released today: 20.1.8.1, which has the fix. Check that out.

https://twitter.com/opnsense/status/1279363581470027776?s=19


#24
Quote from: rene_ on November 08, 2019, 10:45:30 AM
Oh, okay ... just asking, because theoretically this image should also run on a pi4, which has a lot more power, but I also haven't ordered one yet ^^

I have a 4GB RPi4, I will let you know if this image works on RPi4.

Regards,
Bobby Thomas
#25
19.7 Legacy Series / Re: Wireguard Unstable
November 01, 2019, 01:23:17 PM
Ok I just tried now and it's still not connecting. I even restarted the Wireguard service but that didn't make any difference. Not sure what I need to fix this issue. I will also give it a try with a different port.

Thank you,
Regards,
Bobby Thomas
#26
19.7 Legacy Series / Re: Wireguard Unstable
November 01, 2019, 12:36:39 PM
Thank you Michael, I updated tunnel ip addresses in endpoint configs to /32. But it seems like my internet went down and I am now unable to connect to my OPNsense from remote. I will update the status once connectivity is back.

Thank you,
Regards,
Bobby Thomas
#27
19.7 Legacy Series / Re: Wireguard Unstable
November 01, 2019, 12:09:14 PM
I was trying different settings and I just checked that to see if it would make any difference.

Please see the Endpoint config from OPNsense attached.

Thank you,
Regards,
Bobby Thomas
#28
19.7 Legacy Series / Re: Wireguard Unstable
November 01, 2019, 11:53:12 AM
Quote from: mimugmail on November 01, 2019, 09:42:58 AM
Screenshots of local instance and endpoints please

Please see attached.

Also see the below logs from the Wireguard client while trying to connect.


2019-11-01 05:36:06.221: [MGR] Update checker: Get https://download.wireguard.com/windows-client/latest.sig: dial tcp: lookup download.wireguard.com: no such host
2019-11-01 05:37:16.888: [TUN] [wireguard] Starting WireGuard/0.0.35 (Windows 6.3.9600; amd64)
2019-11-01 05:37:16.889: [TUN] [wireguard] Watching network interfaces
2019-11-01 05:37:16.917: [TUN] [wireguard] Resolving DNS names
2019-11-01 05:37:16.969: [TUN] [wireguard] Creating Wintun interface
2019-11-01 05:37:20.405: [TUN] [wireguard] Using Wintun/0.7 (NDIS 6.40)
2019-11-01 05:37:20.504: [TUN] [wireguard] Enabling firewall rules
2019-11-01 05:37:20.663: [TUN] [wireguard] Dropping privileges
2019-11-01 05:37:20.711: [TUN] [wireguard] Creating interface instance
2019-11-01 05:37:20.712: [TUN] [wireguard] Routine: event worker - started
2019-11-01 05:37:20.714: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.716: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.717: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.719: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.720: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.722: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.724: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.725: [TUN] [wireguard] Routine: encryption worker - started
2019-11-01 05:37:20.727: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.728: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.730: [TUN] [wireguard] Routine: handshake worker - started
2019-11-01 05:37:20.731: [TUN] [wireguard] Routine: decryption worker - started
2019-11-01 05:37:20.733: [TUN] [wireguard] Routine: TUN reader - started
2019-11-01 05:37:20.741: [TUN] [wireguard] Setting interface configuration
2019-11-01 05:37:20.744: [TUN] [wireguard] UAPI: Updating private key
2019-11-01 05:37:20.760: [TUN] [wireguard] UAPI: Updating listen port
2019-11-01 05:37:20.774: [TUN] [wireguard] UAPI: Removing all peers
2019-11-01 05:37:20.776: [TUN] [wireguard] UAPI: Transition to peer configuration
2019-11-01 05:37:20.791: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Created
2019-11-01 05:37:20.792: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Updating endpoint
2019-11-01 05:37:20.793: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Updating persistent keepalive interval
2019-11-01 05:37:20.794: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Removing all allowedips
2019-11-01 05:37:20.805: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.806: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.808: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.808: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.821: [TUN] [wireguard] peer(TIZw...s6BE) - UAPI: Adding allowedip
2019-11-01 05:37:20.822: [TUN] [wireguard] Bringing peers up
2019-11-01 05:37:20.824: [TUN] [wireguard] Routine: receive incoming IPv6 - started
2019-11-01 05:37:20.826: [TUN] [wireguard] Routine: receive incoming IPv4 - started
2019-11-01 05:37:20.828: [TUN] [wireguard] UDP bind has been updated
2019-11-01 05:37:20.840: [TUN] [wireguard] peer(TIZw...s6BE) - Starting...
2019-11-01 05:37:20.840: [TUN] [wireguard] peer(TIZw...s6BE) - Routine: sequential receiver - started
2019-11-01 05:37:20.842: [TUN] [wireguard] peer(TIZw...s6BE) - Routine: nonce worker - started
2019-11-01 05:37:20.844: [TUN] [wireguard] peer(TIZw...s6BE) - Routine: sequential sender - started
2019-11-01 05:37:20.847: [TUN] [wireguard] Monitoring default v4 routes
2019-11-01 05:37:21.125: [TUN] [wireguard] Binding v4 socket to interface 6 (blackhole=false)
2019-11-01 05:37:21.224: [TUN] [wireguard] Setting device v4 addresses
2019-11-01 05:37:21.712: [TUN] [wireguard] Monitoring default v6 routes
2019-11-01 05:37:21.712: [TUN] [wireguard] Binding v6 socket to interface 0 (blackhole=false)
2019-11-01 05:37:21.714: [TUN] [wireguard] Setting device v6 addresses
2019-11-01 05:37:21.944: [TUN] [wireguard] Listening for UAPI requests
2019-11-01 05:37:21.945: [TUN] [wireguard] Startup complete
2019-11-01 05:37:25.412: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:25.445: [TUN] [wireguard] peer(TIZw...s6BE) - Awaiting keypair
2019-11-01 05:37:30.512: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:35.675: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:35.675: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:40.759: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:45.942: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:45.942: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:51.195: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:51.196: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:56.523: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:56.524: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:01.608: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:01.621: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:06.927: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:06.928: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:12.014: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:17.158: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:17.158: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:22.451: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:22.454: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:27.663: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:32.742: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:32.742: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:37.639: [MGR] [wireguard] Tunnel service tracker finished
2019-11-01 05:38:37.869: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:38:37.935: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:38.394: [TUN] [wireguard] Device closing
2019-11-01 05:38:38.441: [TUN] [wireguard] Routine: TUN reader - stopped
2019-11-01 05:38:41.230: [TUN] [wireguard] Routine: event worker - stopped
2019-11-01 05:38:41.237: [TUN] [wireguard] Routine: receive incoming IPv4 - stopped
2019-11-01 05:38:41.241: [TUN] [wireguard] Routine: receive incoming IPv6 - stopped
2019-11-01 05:38:41.242: [TUN] [wireguard] peer(TIZw...s6BE) - Stopping...
2019-11-01 05:38:41.243: [TUN] [wireguard] peer(TIZw...s6BE) - Routine: sequential receiver - stopped
2019-11-01 05:38:41.245: [TUN] [wireguard] peer(TIZw...s6BE) - Routine: nonce worker - stopped
2019-11-01 05:38:41.247: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.251: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.257: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.258: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.260: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.261: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.263: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.268: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.274: [TUN] [wireguard] Routine: handshake worker - stopped
2019-11-01 05:38:41.277: [TUN] [wireguard] Routine: decryption worker - stopped
2019-11-01 05:38:41.278: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.280: [TUN] [wireguard] Routine: encryption worker - stopped
2019-11-01 05:38:41.306: [TUN] [wireguard] peer(TIZw...s6BE) - Routine: sequential sender - stopped
2019-11-01 05:38:41.308: [TUN] [wireguard] Interface closed
2019-11-01 05:38:41.309: [TUN] [wireguard] Shutting down
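
The pattern in the client log above (repeated handshake initiations, never a response) can be summarised per peer. This is an added example, not part of the original post: the sample lines are an excerpt copied from that log, and the "Received handshake response" message text is an assumption about what the client logs on success, since it never appears on this page.

```python
import re
from datetime import datetime

# Matches the per-peer lines of the client log format shown in the post above.
PEER_LINE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+): \[TUN\] \[[^\]]+\] peer\(([^)]+)\) - (.+)$"
)

# Excerpt copied from the log in the post above.
SAMPLE_LOG = """\
2019-11-01 05:37:21.945: [TUN] [wireguard] Startup complete
2019-11-01 05:37:25.412: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:25.445: [TUN] [wireguard] peer(TIZw...s6BE) - Awaiting keypair
2019-11-01 05:37:30.512: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:37:35.675: [TUN] [wireguard] peer(TIZw...s6BE) - Handshake did not complete after 5 seconds, retrying (try 2)
2019-11-01 05:37:35.675: [TUN] [wireguard] peer(TIZw...s6BE) - Sending handshake initiation
2019-11-01 05:38:38.394: [TUN] [wireguard] Device closing
"""


def handshake_summary(log_text):
    """Count handshake events per peer and flag peers that never got an answer."""
    peers = {}
    for line in log_text.splitlines():
        m = PEER_LINE.match(line.strip())
        if not m:
            continue  # manager lines and non-peer tunnel lines
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S.%f")
        s = peers.setdefault(m.group(2), {"initiations": 0, "timeouts": 0,
                                          "responses": 0, "first": None, "last": None})
        msg = m.group(3)
        if msg == "Sending handshake initiation":
            s["initiations"] += 1
            s["first"] = s["first"] or ts
            s["last"] = ts
        elif msg.startswith("Handshake did not complete"):
            s["timeouts"] += 1
        elif msg == "Received handshake response":  # assumed success message
            s["responses"] += 1
    report = {}
    for peer, s in peers.items():
        span = (s["last"] - s["first"]).total_seconds() if s["first"] else 0.0
        report[peer] = {"initiations": s["initiations"], "timeouts": s["timeouts"],
                        "responses": s["responses"], "seconds_trying": span,
                        "unanswered": s["initiations"] > 0 and s["responses"] == 0}
    return report


if __name__ == "__main__":
    for peer, row in handshake_summary(SAMPLE_LOG).items():
        print(peer, row)
```

An `unanswered` peer only shows that no reply reached the client; the log alone does not say whether the packets were dropped on the way, rejected by the server, or answered to a different address.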
#29
19.7 Legacy Series / Re: Wireguard Unstable
November 01, 2019, 08:40:19 AM
Thank you Michael for the quick response. It was not really an occasion, but I was trying to connect to it from my mobile and laptop with same profile (same peer config with only IP address change) and I was only able to connect it from my laptop. Earlier it used to connect from both and if I use only one device to connect to VPN then there will be no issues, but there will be handshake issues if both of them connect at the same time and because of that I used to see packet drops (because of same public key config). I was only able to connect to VPN once after the change to stable version and not from my mobile. I tried capturing data and could see traffic coming from my mobile or laptop on udp 51820 port but there were no handshakes. I was only seeing handshake sent from peer end but nothing received. Any suggestions?

Thank you,
Regards,
Bobby Thomas
#30
19.7 Legacy Series / Wireguard Unstable
October 31, 2019, 11:31:13 PM
Hi All,

I have been using Wireguard dev for a while and recently moved to the stable build, but after moving to the stable build wireguard has become unstable. Most of the time it won't establish the connection with the server; only on one occasion it was able to establish the connection. There were no changes in the config and I have even tried uninstalling and doing a fresh install, still that didn't work. How can I view the Wireguard logs? It seems really hard to troubleshoot Wireguard connectivity issues.

Thanks in advance.

Regards,
Bobby Thomas