• 6.11.1 WIreguard VPN not working anymore

    Luca1201

    By Luca1201

      • Solved Minor

    after upgrading to os version 6.11.1 i noticed my wireguard tunnel is not autostarting anymore. trying to start it manually over wireguard settings in the webgui results in it being disabling itself immediately. i can start the tunnel as long as there are no peers added, with peers i get the following error trying to start it over cli:

      

    root@Tower:~# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.253.0.1 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] ip -4 route add 192.168.178.56/32 dev wg0
[#] ip -4 route add 10.253.0.4/32 dev wg0
[#] ip -4 route add 10.253.0.3/32 dev wg0
[#] ip -4 route add 10.253.0.2/32 dev wg0
[#] logger -t wireguard 'Tunnel WireGuard-wg0 started'
[#] ip -4 route flush table 200
[#] ip -4 route add default via 10.253.0.1 dev wg0 table 200
[#] ip -4 route add 192.168.178.0/24 via 192.168.178.1 dev  table 200
Error: either "to" is duplicate, or "200" is a garbage.
[#] ip link delete dev wg0

    i also have my diagnostics attached.

    thank you in advance

    tower-diagnostics-20221007-2128.zip

    • Upvote 2
    Go to reports Stable Releases

    User Feedback

    Recommended Comments

    Luca1201

    after downgrading to 6.11.0 and removing the part "dev " from the config of the line producing the error vpn works again

    • Like 1
    Link to comment
    ljm42
    50 minutes ago, beasthouse said:

    just upgraded to 6.11.2 and it’s reverted back to not working again. Would seem it was not fixed?


    Open a web terminal and clear out the existing log by typing: 

    rm /var/log/wg-quick.log

     

    Then make a dummy change to your WireGuard tunnel to rewrite it with the new values.

     

    Go ahead and start one of the tunnels. It should start fine.

     

    If not, in the web terminal run: 

    cat /var/log/wg-quick.log

    and post the results back here.

    Link to comment
    randomzr

    @ljm42

     

    I'm using unraid 6.11.5 and just upgraded from unraid 6.8.

    I had the same problem and I tried the solution in the post you mentioned (regenerate config files by editing network settings and wiregurad settings).

     

    Here is my wg-quick.log: 

    wg-quick down wg0
[#] ip link delete dev wg0
[#] logger -t wireguard 'Tunnel WireGuard-wg0 stopped'
[#] iptables -t nat -D POSTROUTING -s 10.253.0.0/24 -o br0 -j MASQUERADE
[#] ip -4 route flush table 200
[#] ip -4 route add unreachable default table 200
[#] ip -4 route add 192.168.123.0/24 via 192.168.123.1 dev br0 table 200

wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.253.0.1 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] ip -4 route add 10.253.0.7/32 dev wg0
[#] ip -4 route add 10.253.0.6/32 dev wg0
[#] ip -4 route add 10.253.0.5/32 dev wg0
[#] ip -4 route add 10.253.0.4/32 dev wg0
[#] ip -4 route add 10.253.0.3/32 dev wg0
[#] ip -4 route add 10.253.0.2/32 dev wg0
[#] logger -t wireguard 'Tunnel WireGuard-wg0 started'
[#] iptables -t nat -A POSTROUTING -s 10.253.0.0/24 -o br0 -j MASQUERADE
[#] ip -4 route flush table 200
[#] ip -4 route add default via 10.253.0.1 dev wg0 table 200
[#] ip -4 route add 192.168.123.0/24 via 192.168.123.1 dev br0 table 200

     

    Link to comment
    ljm42
    20 hours ago, randomzr said:

    Here is my wg-quick.log:

     

    What is the problem you are trying to solve? The log shows that the tunnel started fine.

     

    Note that any time you edit the config on the server you also have to update the config on the client.

    Link to comment
    randomzr
    3 hours ago, ljm42 said:

     

    What is the problem you are trying to solve? The log shows that the tunnel started fine.

     

    Note that any time you edit the config on the server you also have to update the config on the client.

    Sorry for missing the problem description.

     

    The problem is, whenever I enable the Wireguard, it will become inactive after a few seconds.

     

     

    UPDATE: It works if I create a new tunnel, so I suspect the configuration file is incompatible after system upgrade. e.g. DNS field becomes required after the upgrade.

    Edited by randomzr
    Link to comment
    ljm42
    2 hours ago, randomzr said:

    UPDATE: It works if I create a new tunnel, so I suspect the configuration file is incompatible after system upgrade. e.g. DNS field becomes required after the upgrade.

     

    See if you can recreate wg0 as wg1. If wg1 works, then you can look in the config/wireguard directory on your flash drive and compare wg0.conf to wg1.conf and look for discrepancies. Also compare wg0.cfg and wg1.cfg

     

    If you can find a difference (or even if you can't), go ahead and send all the files to me in a DM. Just be sure to delete any Public/Private/Shared keys from the files before sending. 

    Link to comment
    bull

    im on 6.11.5 and i cant seem to get the tunnel working here is the log

     

    "wg-quick down wg0
    wg-quick: `wg0' is not a WireGuard interface

    wg-quick up wg0
    [#] ip link add wg0 type wireguard
    [#] wg setconf wg0 /dev/fd/63
    [#] ip -4 address add 10.253.0.1 dev wg0
    [#] ip link set mtu 1420 up dev wg0
    [#] ip -4 route add 10.253.0.2/32 dev wg0
    [#] logger -t wireguard 'Tunnel WireGuard-wg0 started'
    [#] iptables -t nat -A POSTROUTING -s 10.253.0.0/24 -o br0 -j MASQUERADE
    [#] ip -4 route flush table 200
    [#] ip -4 route add default via 10.253.0.1 dev wg0 table 200
    [#] ip -4 route add 192.168.187.0/24 via 192.168.xxx.1 dev br0 table 200"

     

    the xxx is in place of my actual network ip but in the file it shows correctly.. i cannot get anything to handshake  and not sure whats what as i have  port forwarded and all that fun stuff

    Link to comment


    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Restore formatting

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Status Definitions

     

    Open = Under consideration.

     

    Solved = The issue has been resolved.

     

    Solved version = The issue has been resolved in the indicated release version.

     

    Closed = Feedback or opinion better posted on our forum for discussion. Also for reports we cannot reproduce or need more information. In this case just add a comment and we will review it again.

     

    Retest = Please retest in latest release.

    Priority Definitions

     

    Minor = Something not working correctly.

     

    Urgent = Server crash, data loss, or other showstopper.

     

    Annoyance = Doesn't affect functionality but should be fixed.

     

    Other = Announcement or other non-issue.