Question about Wireguard server

Question about Wireguard server

[Stoyan Mihov]

[-- Attachment #1: Type: text/plain, Size: 966 bytes --]

Greetings dear wireguards!

First of all - happy 2018!

I have a quick question:

I am running wireguard on ubuntu 16.04 server and LEDE on router. When I
have everything set up on the router - I decided to upgrade to a newer
version of LEDE. So I did, and then my router would not connect to the
server anymore (although settings have been saved) until I issue a command
on the server:
wg-quick down wg0 && wg-quick up wg0

Then the router automatically connects without an issue. Before that - the
server would not accept a connection from the router, there are no dmesg
errors, no errors whatsoever on both sides. It simply doesn't show a
handshake on the server, and the router sends packets, but receives 0
packets.

Is there an easier way to fix that issue, so a restart on the server would
not be necessary every time an upgrade on the router is made? Or am I
missing something obvious (quite possible lol) that resolves that issue?

Thank you so much!
Tony.

[-- Attachment #2: Type: text/html, Size: 1319 bytes --]

Re: Question about Wireguard server

[Jason A. Donenfeld]

[-- Attachment #1: Type: text/plain, Size: 1440 bytes --]

Hi Stoyan,

Ensure that the time is set correctly on your lede box after reboots. If
the time rolls backwards, handshakes will be rejected rightfully by the
server.

Jason

--
Sent from my telephone.

On Jan 4, 2018 22:51, "Stoyan Mihov" <t0ny0@atlantabg.com> wrote:

> Greetings dear wireguards!
>
> First of all - happy 2018!
>
> I have a quick question:
>
> I am running wireguard on ubuntu 16.04 server and LEDE on router. When I
> have everything set up on the router - I decided to upgrade to a newer
> version of LEDE. So I did, and then my router would not connect to the
> server anymore (although settings have been saved) until I issue a command
> on the server:
> wg-quick down wg0 && wg-quick up wg0
>
> Then the router automatically connects without an issue. Before that - the
> server would not accept a connection from the router, there are no dmesg
> errors, no errors whatsoever on both sides. It simply doesn't show a
> handshake on the server, and the router sends packets, but receives 0
> packets.
>
> Is there an easier way to fix that issue, so a restart on the server would
> not be necessary every time an upgrade on the router is made? Or am I
> missing something obvious (quite possible lol) that resolves that issue?
>
> Thank you so much!
> Tony.
>
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>

[-- Attachment #2: Type: text/html, Size: 2359 bytes --]

Re: Question about Wireguard server

[Bruno Wolff III]

On Thu, Jan 04, 2018 at 16:51:19 -0500,
  Stoyan Mihov <t0ny0@atlantabg.com> wrote:
>Greetings dear wireguards!
>
>I am running wireguard on ubuntu 16.04 server and LEDE on router. When I
>have everything set up on the router - I decided to upgrade to a newer
>version of LEDE. So I did, and then my router would not connect to the
>server anymore (although settings have been saved) until I issue a command
>on the server:
>wg-quick down wg0 && wg-quick up wg0
>
>Then the router automatically connects without an issue. Before that - the
>server would not accept a connection from the router, there are no dmesg
>errors, no errors whatsoever on both sides. It simply doesn't show a
>handshake on the server, and the router sends packets, but receives 0
>packets.
>
>Is there an easier way to fix that issue, so a restart on the server would
>not be necessary every time an upgrade on the router is made? Or am I
>missing something obvious (quite possible lol) that resolves that issue?

Is there NAT involved? I saw similar behavior when a port got moved 
because of a source NAT conflict.