Wireguard Broken after Successful Upgrade

[Schubbie]

By everyone else WireGuard is working now under 20.7.1? I can't get it to work again :-(

[mimugmail]

Can you contact me next week in IRC?

[Julien]

Or me I can help you We have over 250 tunnel now using WireGuard and it works great
I have removed openvpn from product0n

[mindfuse]

Similar trouble here... Upgrade to 20.7 worked like a charm. Applied 20.7.1 and now WireGuard is unable to establish connections on my iPhone stating “DNS resolution failure”.

Correcting... it was DNS account issue. I have no further issues.

[mimugmail]

Did you use OPNsense 20.7.1 or an older Version? I don't get it to work again after Update. I use the same Client Configuration with another Tunnel-IP and another Port for the VM. on my Synology where it works.

Can you check if you use GeoIP? Had a similar problem where it was just blocked by failed GeoIP country which broke after upgrade

[Schubbie]

I don´t use GeoIP.

Is there a possibility to remove all WireGuard Settings? If i un-/install Wireguard anr reboot the Settings are the same as before. I think there is a failure in a configuration that i can´t see in the Web-UI.

[mimugmail]

Via cli open conf/config.xml and remove wireguard container

[Schubbie]

I can use PuTTY for that?
But i can´t find the Folder :-(
I rarely use SSH...

[mimugmail]

/conf/config.xml

[Schubbie]

Did you take a look at my screenshot one Post before? I didn't found it.

[mimugmail]

You are in /root/ .. one folder up

[Schubbie]

THX. I've tried "cd\" correct is "cd ..".
I have delete the lines for Wireguard and siproxd. Now the Konfiguration for Wireguard is empty. I want to try to reconfigure next time.
Wireguard did I uninstalled with "pkg delete", but this delete not more as the WebUI.

[mimugmail]

pkg remove os-wireguard will delete the plugin and also the software itself. Should also happen when uninstalling via GUI

[Schubbie]

I've tried it with this ToDo again:
https://www.thomas-krenn.com/de/wiki/OPNsense_WireGuard_VPN_f%C3%BCr_Road_Warrior_einrichten

Under "listen" I see wg0 but no handshakes :-(
Did I have to configure an Interface and an IP for wg0?
I don't know what I should do. First time it runs till the Update last year.

Is there another ToDo I should use?

[chemlud]

Show your config (screenshot) for Local and Endpoint, as well as the FW-Rules on both ends. I had to add an interface for the WG (but not activate!) to make the FW-Tab for the tunnel appear...