Bug #16611
open
WireGuard MultiWAN Not Failing Back to Tier 1
Added by steven warner 2 months ago.
Updated 25 days ago.
Affected Plus Version:
25.11
Affected Architecture:
amd64
Description
When using a GW group for WAN failover, WireGuard will fail to Tier2 when the Tier1 GW is down. However, when Tier1 is restored, WireGuard does not revert back to Tier1.
Re-opening issue 11630. This issue still occurs in 25.11.
Hello Steven,
Do you have state killing on lower priority gateways selected under System --> Advanced --> Misc?
Hi Kris - Yes, that setting is set as you asked. The WireGuard tunnel stays firmly gripped on the lower tier gateway when the higher priority tier restores, while other traffic correctly migrates.
I also see this behavior at my location here.
I can add links to other reports from Reddit etc... I believe this really happens. Big problem when your backup WAN is on a metered link...
Tested on 25.11.1-RELEASE
I was able to reproduce this issue and as a workaround I added a Floating Firewall rule:
Interfaces: Any
Direction: Out
Protocol: UDP
Destination: <WireGuard Server IP>
Destination Port: <WireGuard Port> (for example, 51820)
Gateway: <Failover Gateway group>
and in System -> Advanced -> Miscellaneous I chose 'State Killing on Gateway Recovery: Kill all states for lower-priority gateways'.
After I added these settings, whenever WAN1 went down, WireGuard started using WAN2. When WAN1 came back up, WireGuard successfully switched back to WAN1.
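A check for the failback behaviour discussed in this thread, as an added example that is not part of any comment above or of pfSense itself: it reads `pfctl -ss` output on stdin and reports which interface holds the WireGuard UDP state. The interface names, addresses and the assumed state-line layout are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report). Assumption: `pfctl -ss` prints one
# state per line as: IFACE PROTO ADDR:PORT -> ADDR:PORT   STATE

# Print the unique interfaces holding a UDP state to/from endpoint $1 (ip:port).
wg_state_ifaces() {
    awk -v ep="$1" '
        $2 == "udp" {
            for (i = 3; i <= NF; i++)
                if ($i == ep) { seen[$1] = 1; break }
        }
        END { for (ifc in seen) print ifc }
    ' | sort
}

# Return 0 only if every matching state is on the Tier 1 interface $2,
# 1 if any state sits on another interface, 2 if no state was found.
wg_failback_ok() {
    ifaces=$(wg_state_ifaces "$1")
    [ -n "$ifaces" ] || return 2
    [ "$ifaces" = "$2" ]
}

# Constructed samples: igb0 = Tier 1 WAN, igb1 = Tier 2 WAN (hypothetical names),
# 203.0.113.5:51820 = WireGuard server endpoint (documentation address).
SAMPLE_STUCK='igb1 udp 198.51.100.20:51820 -> 203.0.113.5:51820       MULTIPLE:MULTIPLE
igb0 tcp 192.0.2.10:44321 -> 203.0.113.80:443       ESTABLISHED:ESTABLISHED'
SAMPLE_OK='igb0 udp 192.0.2.10:51820 -> 203.0.113.5:51820       MULTIPLE:MULTIPLE'

# On the firewall, after Tier 1 recovers:
#   pfctl -ss | wg_failback_ok 203.0.113.5:51820 igb0 || echo "WireGuard still on backup WAN"
```
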