Bug #13696
closed
WireGuard v0.1.6_2 - Tunnel Will Never Handshake Again After WAN Reset
Description
This old bug has returned: https://redmine.pfsense.org/issues/12399
Identical symptoms: make any changes to the tunnel, any at all, even just rebooting or restarting pfSense, and your WireGuard tunnel is borked. The only way to get connected again is to blow away all of it, reinstall your tunnels, peers, and related configurations. Then don't touch it and pray nothing goes wrong. You can't switch peers anymore, as this borks the tunnel.
Updated by Nunya Business almost 2 years ago
even just rebooting or restarting WireGuard
Updated by Nunya Business almost 2 years ago
I think I found the solution for 0.1.6_2. Once your tunnel is set up with peers, you have your tun_wg0 Interface, and the Mullvad Gateway has been created, you have to temporarily switch Default Gateway over to the WAN. If you do this, the handshake will complete. I don't know why this works. I have tried switching to multiple peers. Each time, set Default Gateway to WAN, let the handshake complete, then switch it back to Mullvad Gateway and you're good to go. If anybody has any notion of what is causing this, speak up. I have a basic setup, like the Netgate website recommends. Nothing fancy. Basic firewall outbound NAT and rules.
Updated by Nunya Business almost 2 years ago
Never mind. It was a problem with my firewall. Follow the guide here and you'll be fine: https://mullvad.net/en/help/pfsense-with-wireguard/
Updated by Jim Pingle almost 2 years ago
- Status changed from New to Not a Bug
- Priority changed from High to Normal