B1300 Convexa B Wireguard VPN Client Connection Issues

dslucki · September 15, 2021, 5:52pm

Hi There - I’m having an issue with my Wireguard VPN client not connecting to the Wireguard Server properly after the client is rebooted. Here’s what I have:

Router: HOME (Convexa-B1300) - this is located at my office
Wireguard VPN Server

Router: TRAVEL (Convexa-B1300) - this will travel with me when I travel
Wireguard VPN Client

Here’s the issue:
The TRAVEL router is connected on the WAN via WiFi (say a hotel or coffee shop). When it first boots up, it connects to the WAN over WifFi just fine. The Wireguard client FAILS to connect to the Wireguard server on HOME router. I have to go to the gui for the Wireguard client, hit ABORT then then hit CONNECT. Then works fine. Whenever the TRAVEL router is connected via WIFI and first boots or is rebooted it will fail until I hit ABORT and then hit CONNECT via the gui.

When the TRAVEL router is connected to the WAN via Ethernet, there is no problem. I do not have to abort the client on the TRAVEL router when it first boots or when it reboots.

I can replicate this 100% of the time and I need some help here figuring out what to do. Any help is appreciated.

alzhao · September 17, 2021, 10:52am

Does the hotel has a captive portal? It may block the router to update time.

When time is not updated, the router cannot connect to the Wireguard server.

dslucki · September 17, 2021, 2:12pm

No hotel involved. I tested the vpn between my office and my home.

alzhao · September 20, 2021, 8:53am

Go to vpn policy and turn off “Use VPN for all processes on the router”.

After doing this, the router will be able to sync time regardless of vpn connection. But this may cause DNS leak

dslucki · September 25, 2021, 4:37pm

Thank you for this suggestion. I have applied this setting to the TRAVEL router. It did not fix the issue. Any additional suggestions would be most helpful.

dslucki · September 29, 2021, 3:34pm

I have found a temporary workaround:
I was using the DDNS name in the configuration for the Wireguard client. When I change it to the IP address it will work 100% of the time.

This config does not work -
[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = SOMETHING.glddns.com:51820
PersistentKeepalive = 25
PublicKey =

This config does work -
[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = X.X.X.X:51820
PersistentKeepalive = 25
PublicKey =

dslucki · October 4, 2021, 10:06pm

Can anyone help me?

Using the DDNS name of SOMETHING.glddns.com causes my wireguard client to fail. Using the dynamic IP from my ISP allows my wireguard client to connect. However, once the dynamic IP address changes then my wireguard client will no longer connect.

Please help.

alzhao · October 6, 2021, 10:02am

Can I know if the ddns is resolved correctly to your ISP IP address?

dslucki · October 7, 2021, 2:24am

Yes, DDNS does resolve correctly to my ISP address. WireGuard VPN client will work with DDNS name in the following way: If I turn on the TRAVEL router the WireGuard client fails to connect. All I do is hit disconnect and then hit connect and it works. I created a WireGuard VPN client using IP address and it works every single time. The WireGuard client using DDNS name fails when the router boots and if I disconnect and reconnect it works.

alzhao · October 7, 2021, 3:24am

So it seems that the router failed to resolve the ddns when reboot? Can you turn on vpn policy and choose not to use vpn for process on the router?

dslucki · October 7, 2021, 4:00am

Thank you for this suggestion. It did not work. In fact, the WireGuard client fails 100% of the time with this policy in place.

What’s next?

dslucki · October 18, 2021, 6:34pm

I still have no solution to this problem. I am temporarily using IP address to connect from the remote router to the main office router. Any help is appreciated. Are there some logs I can post to help with this?