[solved] Wireguard S2S down after upgrade

Started by securid, February 03, 2024, 04:09:28 PM

February 03, 2024, 04:09:28 PM Last Edit: February 03, 2024, 04:46:31 PM by securid
I don't know if it happened after upgrading Site A or Site B. I should have checked before upgrading Site B but I forgot after chasing this wild goose for a few hours.

In any case, Site A has several peers in a "road warrior" setup. These work without a hitch. There is a peer for another OPNsense box (Site B) for an S2S, which is down.

I have a backdoor via SSH and port forward, so I'm still able to access the OPNsense interface on Site B that way.

I checked firewall rules on both ends, no changes here.
I checked and verified public keys between instance B and its peer on A and vice versa. Pasted them to be sure and confirmed, restarted Wireguard. No change.

I can see one error in the logging on both ends and it has been there since forever. It still appears:

2024-02-03T15:34:17 Error wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: not a valid interface gateway address: ''

I doubt that has anything to do with today's issues.

Tcpdump shows packets on both sites on their outside interfaces but the handshake never completes.

What else can I do? I see nothing in the logging, keys are correct, packets are flowing?

Solved it!

Don't ask why but the gateway was gone and on the interface it was set to "automatic".

I had to recreate the gateway and reconfigure it on the interface and things started working again.

Quote from: securid on February 03, 2024, 04:46:19 PM
Solved it!

Don't ask why but the gateway was gone and on the interface it was set to "automatic".

I had to recreate the gateway and reconfigure it on the interface and things started working again.
I am facing a similar issue. Do you mean the site-to-site gateway was gone?
Happy Owner DEC3862
A network is only as strong as its weakest link—build wisely, secure thoroughly, and optimize endlessly.
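
Added example, not part of the thread and not OPNsense code: a small check that separates working peers from a peer whose handshake never completes, using the tab-separated output of `wg show <interface> dump`, and that lists occurrences of the log line quoted in the first post. The interface name `wg0`, the peer keys, endpoints and counters, the 180-second staleness threshold and the function names are assumptions made for the example.

```python
import time

# Constructed sample of `wg show wg0 dump` output (tab-separated).
# Keys, endpoints and counters are placeholders, not values from the thread.
NOW = 1706974457
SAMPLE_DUMP = "\n".join("\t".join(row) for row in [
    ["(private-key)", "(public-key)", "51820", "off"],
    ["ROADWARRIOR_KEY=", "(none)", "198.51.100.10:40000", "10.10.0.2/32",
     str(NOW - 60), "184320", "92160", "off"],
    ["SITE_B_KEY=", "(none)", "203.0.113.20:51820", "192.168.20.0/24",
     "0", "0", "14800", "25"],
])

# The log line quoted in the first post, used as sample input.
SAMPLE_LOG = ("2024-02-03T15:34:17 Error wireguard /usr/local/opnsense/scripts/"
              "Wireguard/wg-service-control.php: ROUTING: not a valid interface "
              "gateway address: ''")
GATEWAY_ERROR = "ROUTING: not a valid interface gateway address"


def classify_peers(dump_text, now=None, max_age=180):
    """Map each peer public key to up / stale / sending-no-reply / never-connected."""
    now = int(time.time()) if now is None else now
    states = {}
    for line in dump_text.strip().splitlines()[1:]:  # line 1 is the interface itself
        fields = line.split("\t")
        if len(fields) != 8:
            continue  # not a peer row
        pubkey, handshake, rx, tx = fields[0], int(fields[4]), int(fields[5]), int(fields[6])
        if handshake == 0:
            # Handshake never completed; bytes sent but none received from the peer.
            states[pubkey] = "sending-no-reply" if tx > 0 and rx == 0 else "never-connected"
        elif now - handshake > max_age:  # max_age is an assumed threshold
            states[pubkey] = "stale"
        else:
            states[pubkey] = "up"
    return states


def gateway_errors(log_text):
    """Return the log lines that carry the gateway-address error."""
    return [line for line in log_text.splitlines() if GATEWAY_ERROR in line]


if __name__ == "__main__":
    for key, state in classify_peers(SAMPLE_DUMP, now=NOW).items():
        print(key, state)
    print(len(gateway_errors(SAMPLE_LOG)), "gateway error line(s)")
```

Run against live output on each site, a peer reported as `sending-no-reply` on both ends matches the symptom described in the first post: packets leave the outside interface but no handshake is recorded.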