WG tunnel firewall state going stale, requires delete to restore connectivity
Topic: WG tunnel firewall state going stale, requires delete to restore connectivity (Read 642 times)
CanadaGuy
Newbie
Posts: 20
Karma: 0
« on: February 27, 2023, 04:57:55 pm »
Since I switched to OPNsense I've had issues with my WireGuard tunnels. I connect several tunnels from a host on my LAN to a few servers on the public internet. It seems these tunnels go stale and stop passing traffic after a while. I have a 10-second keepalive, but that doesn't seem to keep the tunnel open. Searching for the destination IP in my firewall state table and deleting the states allows the connection to resume.
Is there any state checking I can implement to keep this from happening? I'm using "port forward" to implement DNAT as I want to redirect these IPs for everything BUT SSH and WG UDP.
What can cause the firewall state to stop forwarding traffic and prevent opening a new connection?
zan
Full Member
Posts: 175
Karma: 31
« Reply #1 on: February 28, 2023, 04:39:19 am »
Have you checked your WireGuard status for handshakes? Do they handshake normally (every 1-3 min)?