Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard k-mod interface errors
« previous
next »
Print
Pages: [
1
]
Author
Topic: Wireguard k-mod interface errors (Read 2481 times)
yeraycito
Sr. Member
Posts: 288
Karma: 18
Wireguard k-mod interface errors
«
on:
May 16, 2021, 04:22:50 pm »
I have wireguard k-mod installed on Opnsense and I use that connection on an Android phone. The wireguard application on Android is permanently connected 24 hours a day. It works perfectly except for receiving messages via instant messaging (whasapp - signal) which arrive with a long delay. In Opnsense I had noticed that the WG interface had input errors. Wireguard, by its own operation, pauses the connection when no data is sent or received. The problem is that the connection pause is too long and prevents data from being sent or received. To avoid this Wireguard recommends setting a persistent keepalive of 25 seconds in the client configuration. This setting does not solve the problem and whasapp messages are still delayed and in Opnsense the WG interface is still giving errors. To solve this, you have to do the following:
- Opnsense: VPN - WireGuard - Endpoints - keepalive = 1
- WireGuard client: Persistent keepalive = 1
It is very important to make both settings because both wireguard in opnsense and wireguard in the client send the keepalive packets but even if you set 1 second in the configuration they actually take a bit longer to send. The way to check this is to look at how the data is sent and received and how often it is sent and received in Opnsense - vpn - wireguard - List Configuration.
With these settings, the problems with sending and receiving data in the wireguard client as well as the error data in the wg-interface in Opnsense disappear.
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 18
Re: Wireguard k-mod interface errors
«
Reply #1 on:
May 16, 2021, 05:25:59 pm »
These problems also occur with wireguard-go. To solve them, the settings described above must be applied.
Logged
yeraycito
Sr. Member
Posts: 288
Karma: 18
Re: Wireguard k-mod interface errors
«
Reply #2 on:
May 18, 2021, 05:00:27 pm »
With the settings explained above there are no errors in the wg-interface but there is a high battery consumption on the smartphone. To solve the latter, the following settings are better:
- Opnsense: VPN - WireGuard - Endpoints - keepalive = 5
- WireGuard client: Default options
Any setting longer than 5 seconds in Opnsense-wireguard causes errors in the wg-interface.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard k-mod interface errors