WireGuard status shows last handshake -1 years 11 months ago
-
I have set up three firewalls site-to-site via WireGuard tunnels. All three firewalls are Netgate 8200 MAX running 23.05.1 and pfSense-pkg-WireGuard 0.2.0_2
Firewall A has one tunnel to firewall B, and another tunnel to firewall C.
Firewall B has one tunnel to firewall A.
Firewall C has one tunnel to firewall A.
There is no direct tunnel between firewalls B and C, but they can inter-connect through firewall A and they're set up by static routes and allowed IPs in WireGuard peer.What I am encountering is the WireGuard status pages on all three firewalls are showing the peers last handshakes are at -1 year (negative 1 year) 11 months ago. The tunnels are up and communication between one firewall's LAN and another firewall's LAN works fine, at least for now.
Is this a known issue, and are there any ways to fix this? Let me know what other details you need regarding each firewall's setup.
-
At this point, I don't think it's related to my WireGuard setup. I reported the above issue on September 30. It was fine earlier.
This is how firewall A looked like when my local time was September 30th, 11:57pm
I waited a few more minutes and it's now October 1st. The last handshake time is showing normal.
-
I can't say how happy I was to see your forum post on my Google search. I was slightly concerned when the only comment was yours saying that it was resolved. I just set up an account to be able to reply to this. I have 3 firewalls (2 running CE 2.7.1 and 1 running 2.7.2) that are doing the same thing. Only commonality I recognized was that it's yet again the last day of the month. My coworker set his timezone ahead and the GUI issue resolved itself. Once he set it back, it did the same. I'm assuming this is some sort of date/GUI bug, but wanted to post that we were experiencing the same. I'd be curious if yours is doing it now as well too (if you happen to see this before your date rolls over). Interesting...
-
@jtressler I wasn't checking the WG status quite often but I now see it's happening again. This time I'm running the latest pfSense Plus 23.09.1 and up-to-date WireGuard 0.2.1 package.
It's January 31st, and I had suspicion being the end of month would have something to do with this; I'd want to test this theory but haven't been able to set the date to a specific day without the firewall getting auto-synced to the current date. I also recall checking another month's last day (October 31st I think) and it was showing all normal.
At least I can document that this happened again on the last day of January, as well as September. I remember others posted on June 30th about this problem. So we now have:
- Jan 31st
- Jun 30th
- Sep 30th
I wonder if there is any correlation between the months...
-
P PlyrStar93 referenced this topic on