Routing Gateway Problem With Wireguard and WAN
-
Hello Netgate community,
I recently set up WireGuard on pfSense (using a paid VPN service) and it's working, but it has one issue.
The Issue:
If I turn off wireguard, internet seems to go down completely. (Until I switch gateway default back to WAN)
If I turn wireguard on but with the WAN gateway set to default, my real ISP public IP is leaked. If I have wireguard on but with the wireguard gateway set to default, everything works.
Sometimes, if I reboot pfsense (for example), wireguard will turn on but internet will be down until I set WAN gateway as default gateway, then set the Wireguard gateway back to default gateway. Only then will internet work again when wireguard is started.
Gateways:
WAN gateway is set to dynamic
Wireguard gateway is set to an IP given to me by the VPN service and monitor IP is set to: 1.0.0.1
I'm not 100% sure what the issue is. My hunch is maybe my routing gateway settings?
Any help would be greatly appreciated.
Thank you
-
@techgeek055 Here are some logs when I turn wireguard off and internet doesn't work:
gateways:
dpinger 34996 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr xxx.xxx.x.xx4 bind_addr xxx.xxx.x.x4 identifier "WAN_DHCP "
general:
Mar 10 14:17:11 kernel tun_wg0: link state changed to DOWN
Mar 10 14:17:11 php 29760 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Disabled all WireGuard gateways.
Mar 10 14:17:11 check_reload_status 307 Syncing firewall
Mar 10 14:17:11 check_reload_status 307 Reloading filter
Mar 10 14:17:14 php-fpm 52299 /status_services.php: The command '/usr/local/etc/rc.d/wireguardd stop' returned exit code '1', the output was ''
Mar 10 14:19:00 sshguard 411 Exiting on signal.
Mar 10 14:19:00 sshguard 9661 Now monitoring attacks.
-
Anyone able to offer any recommendations?
So currently, any time the pfSense box restarts, internet goes down, or I unplug the internet cable, the pfSense box comes back up and all services run but internet is down.
Each time this happens, the only fix is to:
Go to System -> Routing, then change the default gateway IPv4 to one that isn't my VPN WireGuard gateway, then press Save. Then put it back to the VPN WireGuard gateway. Then internet will work.
-
-
@mcury will do, thank you! will update soon
-
@mcury didn't figure it out still. Our configs are similar, just that I use 1 wireguard instance currently. NAT outbound is different.
Another thing I noticed was that when I switch to WAN as default gateway, my IP address uses the public ISP IP address even when wireguard is on.
I'll keep digging... If I can't figure it out, I might switch VPN providers to Mullvad...