Client access suddenly stopped with Wireguard plugin.

Started by nerlins, June 01, 2022, 07:14:20 PM

I set up Wireguard a few months ago, following the Road Warrior guide. It has worked since then. In the past few days it does not allow my clients to do anything. They appear to connect, but I see no response looking at handshakes. I have tried two DDNS services, just to make sure that wasn't the problem. Unbound DNS has been listening on the Wireguard interface since the beginning. I'm really not sure where to look for what has broken/changed. I personally have not changed anything on this firewall since setting up Wireguard.

I really don't know how to go about troubleshooting this. I have reinstalled the plugin. Updated to 21.1.8_1 firmware, updated all packages, cleared states and source tracking, cleared DNS cache, restarted Unbound...can someone help me with this?

Thought I fixed it. Still broken...

This doesn't make any sense. It only works when I am already on my home wifi. It does not work when I am trying to connect externally. Can someone chime in on what is happening?

EDITED DUE TO RESPONSE FROM ADMIN
***WARNING*** OFFENSIVE COMMENT***
I guess this forum is dead. It's pretty disheartening...
***SHOULD NOT HAVE SAID THIS. APOLOGIES TO ALL!!!***

I restored from a 2-month-old backup, and now wireguard is working. I have not made any changes in the past 2 months. I haven't had any time to mess with this thing and it's been working just fine. I really wish someone would at least say something. If there is a bug that corrupts the plug-in when updating to the last couple of recent versions, then people need to be notified about it. There's no documented location for log files. Nothing is documented on how to troubleshoot why this broke. There is also no definitive answer why a backup fixed it. As far as I know a backup is only configuration files. Since I haven't changed anything what did the backup fix?

June 03, 2022, 09:30:43 AM #3 Last Edit: June 03, 2022, 09:34:46 AM by Greelan
Deleted - should have read rest of post!

It's trivial to diff your config changes on the System: Configuration: History page to see what was changed. To think nothing was changed seems odd, don't you think?

Also it's a bit awkward to say things such as "I guess this forum is officially dead" because nobody wants to offer their time to help you. Sometimes the problem lies with providing too little information or being a general demotivating poster. ;)


Cheers,
Franco

Franco,

I have put a warning on my comment, for others to see.

I read a lot of other posts from the recent few months of activity, and saw many with no responses. I assumed my posts/thread would lay dead just like all of these other posts. And, it's frustrating because, other than Reddit, there is nowhere else to ask questions about this operating system.

I don't know how else to say this: I had not changed anything related to the Wireguard setup. I had not made any changes to Unbound. A few days ago, I added another Dynamic DNS host to update through the GUI. How would that break Wireguard? Maybe there was a power outage I did not catch in time, and there was file system corruption. I have this on a UPS, so it's hard to imagine.

I think it's awkward for the admin to single me out, and insult me, by calling me a "general demotivating poster"? My last post was in April, and I answered my own question, detailing what I did to fix the issue. Before that, almost a month. Seems I edited it out, probably because I was lost on a problem and was embarrassed about my ignorance at the time.

So, I sincerely apologize if I offended you or anyone else, by saying "I guess this forum is dead", because I ACTUALLY worried it might be. But why the personal attack/insult?

DEAR READER

If you have made it this far, amidst the slight drama, here is the final update:

No-IP seems to be the culprit. My dynamic IP from my ISP recently changed, but the DDclient was pushing the update to No-IP. It appears to break/unbreak the Wireguard connection randomly. Last night I changed my endpoint to a FreeDNS hostname, and have had no issues. I have rebooted OPNsense multiple times, and toggled the client connection on/off multiple times.

I stand firm when I STATE that I had not made ANY CHANGES to my firewall. The erratic behavior of the DDNS endpoint redirect made it appear that the plugin was broken. This was not in my initial suspicion, hence why I asked for help, though I am not sure anyone would have guessed this issue.

I am no longer going to pay for/rely on No-IP. As far as I can tell, this is the culprit, but I still haven't found logs on OPNsense to check, although I can check PC/Android client app logs. Since it is working now, I am no longer going to troubleshoot. I hope this helps someone else.
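
Added example, not part of the thread and not OPNsense or WireGuard project code: a small triage helper for the failure mode described above, where the DDNS hostname used as the client endpoint no longer matches the firewall's WAN address and handshakes stop arriving. It parses the tab-separated output of `wg show <interface> dump`; the function names, the sample dump, the keys and the addresses are all constructed for illustration.

```python
import ipaddress

# WireGuard rekeys about every 120 s while traffic flows and rejects a session
# after 180 s, so an older handshake means no live session for that peer.
# (An idle peer without keepalive also looks like this; that is expected.)
STALE_AFTER = 180
NOW = 1_654_300_000  # constructed "current" Unix time for the sample

# Constructed sample of `wg show wg0 dump`: interface line, then one line per peer.
SAMPLE_DUMP = "\n".join("\t".join(row) for row in [
    ["IFACE_PRIV", "IFACE_PUB", "51820", "off"],
    ["PEER_A_PUB", "(none)", "192.168.1.50:40001", "10.10.10.2/32",
     str(NOW - 30), "1024", "2048", "off"],
    ["PEER_B_PUB", "(none)", "(none)", "10.10.10.3/32", "0", "0", "0", "off"],
])

def parse_wg_dump(text):
    """Return peer records; the first line (the interface itself) is skipped."""
    peers = []
    for line in text.strip().splitlines()[1:]:
        fields = line.split("\t")
        if len(fields) != 8:
            continue  # not a peer line
        peers.append({"public_key": fields[0], "endpoint": fields[2],
                      "latest_handshake": int(fields[4])})
    return peers

def stale_peers(peers, now, max_age=STALE_AFTER):
    """Public keys of peers that never completed a handshake or whose last one is too old."""
    return [p["public_key"] for p in peers
            if p["latest_handshake"] == 0 or now - p["latest_handshake"] > max_age]

def ddns_matches_wan(resolved, wan_ip):
    """True if any address the DDNS hostname resolves to equals the WAN address."""
    wan = ipaddress.ip_address(wan_ip)
    return any(ipaddress.ip_address(addr) == wan for addr in resolved)

def diagnose(dump_text, resolved, wan_ip, now):
    """Classify as 'ddns-stale', 'peers-stale' or 'ok', with the stale peer keys."""
    stale = stale_peers(parse_wg_dump(dump_text), now)
    if not ddns_matches_wan(resolved, wan_ip):
        return "ddns-stale", stale   # remote clients are dialing an old address
    if stale:
        return "peers-stale", stale  # DNS is right; look at firewall rules or keys
    return "ok", []

if __name__ == "__main__":
    # Hostname still resolves to the old address after the ISP changed the WAN IP.
    print(diagnose(SAMPLE_DUMP, ["198.51.100.7"], "203.0.113.25", NOW))
```

On a live system the `resolved` list would come from looking up the DDNS hostname against an external resolver and `wan_ip` from the WAN interface.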