WireGuard to host Integrity VPN

Hello,

I’m encountering difficulties setting up my WireGuard VPN for hosting purposes. This is unexpected, as the same configuration previously worked without issue. The problem began after performing a factory reset on my router.

A handshake is successfully established.

A small amount of data is exchanged (a few kilobytes).

I have rebooted the router.

However, the internet connection drops within a few minutes after each reboot.

I would appreciate any guidance or suggestions on resolving this issue.

Verified it all works via Android WG client
Linux and WIN client

Also, cannot add DNS to WAN to prevent leaks as the DNS seems to be private and only works if it’s tunneled via WG

PDF of visual configuration (expire after 30 days)

Settings:

Update:
I recently installed OpenWRT on my Linksys 3200ACM backup router, and WireGuard started working immediately—no issues whatsoever.

I can’t spot any mistake easily, and I’m not that skilled around this overall.

So this should mean all around WG is OK for it to connect.

But I have a few questions:

[quote]
A small amount of data is exchanged (a few kilobytes).
[/quote]

Is that because you are not sending any data at all, or because the traffic can’t get through?
(Like some protocols, programs or services can’t utilize the connection.)

[quote]
However, the internet connection drops within a few minutes after each reboot.
[/quote]

Meaning it stalls, with info about the handshake being minutes ago and no more data in the WG data counter?

What does the log show (Status > System Log, or logread) for the period of time it starts and ends being unusable? Is there any info at all?

Seems to me you are not behind NAT (bc WAN IP addr). So the Persistent Keep Alive is not needed.

Also you do have some backup with second wan - 5G.

It’s offline now, but how does that work, is it with mwan3 - so maybe some interface or mwan3 metrics are wrong.

Is this the Omnia with the LTE - 5G upgrade kit?

Just curious, as I’d expect this dual WAN with balancing and WG could cause some hiccups.

Thank you very much for your reply—it is greatly appreciated.

Answer:
Precisely. No additional data.

Answer:
I’m not sure.

Updated (logs at the bottom)

Answer:
Yes, I forgot about the Persistent Keep Alive setting. Yes, I’m not behind a NAT.

[quote="AntonF, post:2, topic:21687"]
It’s offline now, but how does that work, is it with mwan3 - so maybe some interface or mwan3 metrics are wrong.
[/quote]

Answer:
Yes, this was one of my initial considerations as well. It’s currently not in use, so no configuration has been applied.

I’m currently using the WiFi 6 version in combination with the 5G kit. While I’m aware that the 5G kit was originally designed for the earlier hardware revision, I was able to get it fully operational by downloading the appropriate 5G package—plug-and-play functionality is always appreciated.

This setup was intended as a temporary solution until fiber installation is completed in my neighborhood. From an aesthetic standpoint, it’s still a work in progress, but I’m actively working on improving its appearance.

Sorry for the edits, sleepy!

Also,
I recently installed OpenWRT on my Linksys 3200ACM backup router, and WireGuard started working immediately—no issues whatsoever.

Now it works!

I’m not entirely sure why it worked, but after disabling the wan, wan6, gsm, and gsm6 interfaces in MultiWAN Manager and performing a reboot, WireGuard began functioning as intended.

The next step is to determine how to integrate 5G connectivity to support a future failsafe implementation.


Could anyone explain why this configuration worked, and how it can be reliably implemented in the future using a 5G SIM while ensuring that WireGuard continues to function properly?

There are two types of metric to be set up for what you have in use:

One is for the mwan3 configs, as chaining the interfaces and paths - these are not necessary for routing, they serve only as guidance for mwan3 on how to deal with all the possibilities.

And secondly the main metric, the Interface - Advanced settings: “Use gateway metric” in OpenWRT for each interface (these are required for mwan3 to even work afaik).

I can see you have the mwan3 only in the provided config but no metric in /etc/config/network.

Try putting different metrics on both possible WANs as per the mwan3 guidance, maybe that will help.

I have no setup like this at my disposal right now, so I can’t validate anything; this is purely a guess according to my previous experience.


Also, as of now: what you marked as Solution is possibly just a workaround, and the name of this thread is not accurate (for someone in this situation searching the forum a year later).
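
The metric check suggested in the post above, as an added example that is not part of the original thread: an offline script that reads a copy of /etc/config/network and reports WAN interfaces with a missing or shared `option metric`. The interface names `wan` and `gsm` come from the thread; the sample config contents, the metric values 10 and 20, and the function names are assumptions made for illustration.

```shell
# Added example (not from the thread): check a copy of /etc/config/network offline.
# Print "<interface> <metric>" per interface section; "-" when no metric is set.
iface_metrics() {
    awk -v q="'" '
        function clean(s) { gsub(q, "", s); gsub("\"", "", s); return s }
        function emit() { if (name != "") print name, (metric == "" ? "-" : metric) }
        $1 == "config" { emit(); name = ""; metric = ""
                         if ($2 == "interface") name = clean($3) }
        $1 == "option" && $2 == "metric" && name != "" { metric = clean($3) }
        END { emit() }
    ' "$1"
}

# Usage: check_wan_metrics FILE IFACE...   Prints one line per problem; returns 0
# only if every listed interface exists and has a metric no other listed one uses.
check_wan_metrics() {
    file=$1; shift
    iface_metrics "$file" | awk -v want="$*" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) wanted[w[i]] = 1 }
        ($1 in wanted) {
            seen[$1] = 1
            if ($2 == "-") { print $1 ": no metric set"; bad = 1 }
            else if ($2 in owner) { print $1 ": metric " $2 " also used by " owner[$2]; bad = 1 }
            else owner[$2] = $1
        }
        END { for (i = 1; i <= n; i++)
                  if (!(w[i] in seen)) { print w[i] ": not in config"; bad = 1 }
              exit bad + 0 }
    '
}

# Constructed sample config; names "wan"/"gsm" follow the thread, proto and
# metric values are assumptions. $1 = output file, $2/$3 = wan/gsm metric or "".
write_sample() {
    {
        printf "config interface 'loopback'\n\toption device 'lo'\n\n"
        printf "config interface 'wan'\n\toption proto 'dhcp'\n"
        if [ -n "$2" ]; then printf "\toption metric '%s'\n" "$2"; fi
        printf "\nconfig interface 'gsm'\n\toption proto 'dhcp'\n"
        if [ -n "$3" ]; then printf "\toption metric '%s'\n" "$3"; fi
    } > "$1"
}

tmp=$(mktemp -d)
write_sample "$tmp/before" "" ""      # as described in the thread: no metrics
write_sample "$tmp/after" 10 20       # one distinct metric per WAN
check_wan_metrics "$tmp/before" wan gsm || echo "before: metrics need fixing"
check_wan_metrics "$tmp/after" wan gsm && echo "after: ok"
```

On the router, point `check_wan_metrics` at the real /etc/config/network and pass the interface names that mwan3 manages.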

I’ll be sure to test this as soon as I have time. Thank you very much!

I agree, workaround is more suitable here!