WireGuard does not start after reboot.

[Lucid1010]

You cannot view this attachment.


You cannot view this attachment.


An error occurs on the WireGuard peer configured for selective routing, and it does not start after boot. If the service is restarted manually, it works correctly.

[trumee]

I am facing the same issue after upgrading to latest patch OPNsense 26.1.10-amd64.

[Lucid1010]

The issue also occurred in version v26.1.9

[sopex]

Was it working before? 26.1.9? Or we don't know?

[Lucid1010]

Before v26.1.9, everything was working normally. The only difference is that I had configured one OPNsense native WireGuard instance and one selective routing setup.

In v26.1.10, the OPNsense WireGuard tunnel still works properly even after a reboot, but the selective routing configuration does not work.

This is not an issue with the VPN server or the configuration file.

[OPNenthu]

Did you install any public VPN instances (e.g. Mullvad) into the WireGuard group without the "Disable routes" option?

I think I saw this too when I was adding instances recently, but I moved the VPNs off to dedicated interfaces (with gateways in my case) and rebooted to flush the routing table.

I'm only keeping my private s2s and road warrior instances on the default WG group and this seems OK.

IIRC, instances with peers having 0.0.0.0/0 or ::/0 in the Allowed IPs list might be getting added as default routes, causing a conflict.  I'd need to retest this though because my memory could be failing.