Weird WireGuard Static Port Problem

Hi,
I have a site-to-site WireGuard VPN.
Both client and server have static ports.
The first connection with this configuration initiates successfully. But when the PPPoE connection is gone (the default route is also removed from the routing table) and re-established, the WireGuard server never connects anymore with client port 57001. When I changed this port to 57002 and then restarted the WireGuard service from the client side, it works properly. Any suggestion would be appreciated at this point.
Note: I can randomize the client port, but this problem also exists for the server. I must give a static port to the server side.

Both my locations have a PPPoE WAN connection with MTU 1492.


Code:
### SERVER
[Interface]
ListenPort = 57000
PrivateKey = CL9AFf4SbhARoeGueboV2BDjQITTe7BTuBZsRtqxZ1Y=
Address = 10.10.10.10/24

[Peer]
PublicKey = IpTXUd1+bAUvSxUq+3kJ8E15xLLAB3AaWw0ERst2QQ0=
AllowedIPs = 10.10.10.100/32,192.168.1.0/24
PersistentKeepalive = 0

### CLIENT
[Interface]
ListenPort = 57001
PrivateKey = HIDDEN
Address = 10.10.10.100/24

[Peer]
PublicKey = HIDDEN
AllowedIPs = 10.10.10.10/32,192.168.20.0/24
EndPoint = HIDDEN:57000
PersistentKeepalive = 25
 

Does it happen if the links go down for, let's say, 2-3 seconds, or only if it's gone until the server notices the peer is dead?
 
OP
alfa
When I remove the client's WAN cable, wait until the default route is deleted, and reinsert the WAN cable, WireGuard does not establish the connection anymore.
But when I remove the WAN cable and reinsert it before the default route is deleted, the connection continues as usual.

In addition, I restarted the mpd5 service and WireGuard on the client.
The server WireGuard log gives a new debug message:

Code:
INFO: (wg1) 2022/03/02 13:29:21 Received invalid initiation message from <secretIP>:57001
INFO: (wg1) 2022/03/02 13:29:21 Received invalid initiation message from <secretIP>:57001
 
ok try this
add a bogus default route thru 127.0.0.1
change in mpd5.conf

set iface route default
to
set iface route 128.0.0.0/1
set iface route 0.0.0.0/1
then you'll always have a default route and if the route absence is the problem this will fix it
 
OP
alfa
Thanks, but I added set iface route 128.0.0.0/1 and no route was added.
This time I will give up the client WAN PPPoE, configure DHCP, and test again.
 
ok try this
add a bogus default route thru 127.0.0.1
change in mpd5.conf

set iface route default
to
set iface route 128.0.0.0/1
set iface route 0.0.0.0/1
then you'll always have a default route and if the route absence is the problem this will fix it
Just messing around, and pushing your reaction score to 666 just for the screenshot :p
 