Wireguard Site-to-Site Gateways disabled after reboot - service not starting

Seeking Sense

@Gektor are you referring to the WireGuard INTERFACE that you created for your WireGuard tunnel found in the pfSense Interfaces list?

If so then I have also found that to be my only solution to reestablish my WireGuard tunnel.

I am required to DISABLE, SAVE and APPLY and then ENABLE, SAVE and APPLY the WireGuard Interface to reestablish my WireGuard tunnel.

Is there a fix for this?

Has anyone written a script to check if a WireGuard Gateway is down, offline, etc... to DISABLE and then ENABLE its associated interface?

michmoor

@Seeking-Sense I would say to open a redmine if you believe this is a bug or a regression but the odds of that getting actioned by a dev are extremely low.
Have you tried disabling gateway monitoring?

Seeking Sense

@michmoor said in Wireguard Site-to-Site Gateways disabled after reboot - service not starting:

Have you tried disabling gateway monitoring?

Sure have. Not only that but disabled take action as well.

And just to be clear the WireGuard Interface fails to come online after reboot.

buzz2912

@Seeking-Sense
The Solution is restarting dpinger after reboot.
Search for my post in the solution for site to site gateway down after Reboot

Misterb

What Buzz said, restart dpinger and then start Wireguard.

Seeking Sense

Thanks for the reply @buzz2912 I may have tried that in the past not exactly sure and just stumbled across the DISABLE & ENABLE Interface solution.

I will reboot pfSense later and try your solution.

Never the less I need an unattended automated method to implement your or my solution for the times that my internet connect flakes out or there is a power outage and yes I have pfSense on a UPS.

Also WireGuard "is running" just not functioning when I DISABLE and ENABLE it's Interface.

buzz2912

@Seeking-Sense
install cron and service watchdog. Add wireguard to service watchdog. Create a cron job @reboot && sleep 30 for designer restart Here is the link

Seeking Sense

@buzz2912 are you saying to reinstall the WireGuard each time this happens? If so that is bonkers Or are you saying restart dpinger utilizing CRON and WATCHDOG?

buzz2912

@Seeking-Sense
At First i reinstalled. Now I am using dpinger restart

Misterb

I've just installed 2.7.0-RELEASE and the same issue and fix exists.

lcbbcl

@Misterb wow really? The problem still exist? omg i won't even bother to install the new version.I just need to find a pfb replace and i am out.
Thanks you just save me some time, i had in mind a clean install.

Seeking Sense

@Misterb thanks for being the guinea pig.

buzz2912

Tried it too. 2.7.0 and the problem is still the same.

lcbbcl

Well i think that i might solved the problem after reboot. If someone can test and see if its working, i did several reboots and now my wg is coming up without the error for unknown gateway.
What i did is check the box Disable Negate rules under System/Advanced/Firewall & NAT.
But i still have the problem if my wan goes offline when it is coming back my wg connection will remain offline until i reboot the box.
This is a clean 2.7 install without restoring backup just to discard any errors.