Gateway disabled after reboot

bdp · March 12, 2022, 2:54am

I’ve been testing site to site Wireguard VPN. I really like it, however I have one issue. When I reboot the one of the routers the gateway I created for the static routed is disabled. I have to manually untick the disable box to get the VPN active again.

When I reboot the router on the other side all gateways are active.

Both routers appear to have the same config. There is nothing in the logs.

Can anyone help with this issue? Thanks.

bdp · March 12, 2022, 3:30am

Think I may have found a solution.

When I change the Monitor IP in the gateway settings to be the IP it’s own interface IP (instead of being empty, the other side of the VPN interface IP or being marked as alway up) the gateway starts after a reboot.

Urzu_X · March 19, 2022, 10:05am

I’m facing the same issue though my setup is a bit different. The three sites are all behind NAT (the ISP itself NAT the connection) so all the three sites are routing through a Cloud VPS. I tried following your advice by setting the monitoring IP of the gateway to the tun_wg0 interface IP and disabling the gateway action, but it doesn’t work for me. Also tried disabling Gateway monitoring but still the same issue.

What I believe is happening is when the firewall halts or reboots, it stops the WireGuard service, and in the process the Gateway associated with it gets disabled, the same way if you uninstalled the WireGuard package.

However, upon booting back up it doesn’t gets enabled automatically. This is my take on this issue. Hope someone can find a solution soon as I’m scratching my head over this.

bdp · March 20, 2022, 1:03am

I’m still having this issue. Seems to be more intermittent now. The same problem has been raised here: Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted - pfSense Packages - pfSense bugtracker

buzz2912 · January 18, 2023, 8:26pm

I do have the same problem.
on 2.6.0 everything works for me
On 22.05 the issue occurs
On 2.7.0 the issue occurs
here is my thread:

still no solution
tried 2.7.0 again today.

Sebastian

buzz2912 · January 21, 2023, 9:10am

Here is more
Maybe it is the PPOE connection

https://www.reddit.com/r/PFSENSE/comments/tc8zsx/wireguard_service_not_starting_on_system/?utm_source=share&utm_medium=web2x&context=3

buzz2912 · January 23, 2023, 6:31pm

I tried again. Every version since 22.01 and 2.6.0.
23.01. beta is still broken for me.
No luck at all.
I wrote it down in the negate forums but there seems to be no support.
I think this is broken and will not be fixed soon.

A script which reinstalls wireguard on every boot fixes the error. Great solution.

buzz2912 · January 28, 2023, 10:55am

Switched to opnsense.
No issues reusing the keys of the servers.
All up and running