Wireguard - missing peers

Hello,

I have the following in /etc/config/network:

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'SOMEKEY'
        option listen_port 'SOMEPORT'
        list addresses '10.0.10.0/24'

config wireguard_wg0
        option public_key 'PUBKEY1'
        option route_allowed_ips '1'
        list allowed_ips '10.0.10.2/32,192.168.0.0/24'
        option persistent_keepalive '25'
        option description 'peer1'

config wireguard_wg1
        option public_key 'PUBKEY2'
        option route_allowed_ips '1'
        list allowed_ips '10.0.10.3/32,192.168.0.0/24'
        option persistent_keepalive '25'
        option description 'peer2'

config wireguard_wg2
        option public_key 'PUBKEY3'
        option route_allowed_ips '1'
        list allowed_ips '10.0.10.4/32,192.168.0.0/24'
        option persistent_keepalive '25'
        option description 'peer3'

The problem is that after restart of network and firewall service I am left with only single wireguard interface and one peer, the other peers are missing.
In order to fix the problem I need to add the configuration manually:

wg set wg0 peer PUBKEY2 allowed-ips 10.0.10.3/32
wg set wg0 peer PUBKEY3 allowed-ips 10.0.10.4/32

Any idea what is wrong with my setup?

Thanks, jose

Hi,

set - config wireguard_wg0 to all peer sections …

config interface ‘wg0’
option proto ‘wireguard’
option private_key ‘SOMEKEY’
option listen_port ‘SOMEPORT’
list addresses ‘10.0.10.0/24’

config wireguard_wg0
option public_key ‘PUBKEY1’
option route_allowed_ips ‘1’
list allowed_ips ‘10.0.10.2/32,192.168.0.0/24’
option persistent_keepalive ‘25’
option description ‘peer1’

config wireguard_wg0
option public_key ‘PUBKEY2’
option route_allowed_ips ‘1’
list allowed_ips ‘10.0.10.3/32,192.168.0.0/24’
option persistent_keepalive ‘25’
option description ‘peer2’

config wireguard_wg0
option public_key ‘PUBKEY3’
option route_allowed_ips ‘1’
list allowed_ips ‘10.0.10.4/32,192.168.0.0/24’
option persistent_keepalive ‘25’
option description ‘peer3’

1 Like

Wow, that was simple. Anyway that practically means that the following part of WireGuard setup [Turris wiki] is incorrect, right?

# Change all occurences of "wireguard_wg0" to something else 
# (like wireguard_wg1, wireguard_wg2 and so on) for 
# subsequent clients after the 1st
1 Like

Yes it is, that wiki needs to be updated.

1 Like

thank you, attempted to improve it.

1 Like

Not sure, but I thing that the setting means that theese peers belongs to interface wg0.
So, if I am right - your original setting was, that the first peer belonged to interface wg0, next peer to interface wg1 and another peer to interface wg2, but you had set up only interface wg0 …

Yes, I kinda feel it works this way (and wiki entry states the same after my edit).

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.