Slate AX errors every few days, fixed by creating new client config

IAmBriski · October 20, 2022, 12:47pm

Hello!

I have a Slate AX connected to my home wifi with Wireguard Server and one connected to my laptop with Wireguard Client. They are both updated to the latest firmware.

Every now and then, my client router is unable to connect to my server router. It gives me the following in the log:

user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=2 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/

I’ve found that this is solved by creating a new server config and setting it up on my client router. I’m not sure what would cause this to happen. I have DDNS enabled on the config.

Any help is appreciated!

wcs2228 · October 22, 2022, 3:38pm

That log record has ACTION=REKEY-TIMEOUT, which may indicate that the key is not valid.

I get the following records repeated with WireGuard working on my router.

kern.info kernel: [160529.695941] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=KEYPAIR-CREATED
user.notice wireguard-debug: USER=root ifname=wgclient ACTION=KEYPAIR-CREATED SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/

Can you confirm that the time has been synched in the correct timezone on the router?

I do not work for and I do not have formal association with GL.iNet

alzhao · October 25, 2022, 10:16am

What is the wireguard server?

I got several case that wireguard is broken and get these errors and have to disconnect and reconnect manually.

IAmBriski · October 27, 2022, 1:54pm

@wcs2228 I can confirm that the Wireguard Server and Client are on the same time zone.

@alzhao Can you clarify what you need from me? The Wireguard Server is another Slate AX.

So far, the only solution I have found is to create a new config, which works for a day or two and then I have to create new config again.

alzhao · October 27, 2022, 2:28pm

This looks like a change in your IP address. Can you check ?

alzhao · October 27, 2022, 2:29pm

As you have ddns, pls check if the ddns update in time.

IAmBriski · October 27, 2022, 2:43pm

@alzhao I will run the process again and check the IP address each time

Can you please tell me how to check that the DDNS update in time?

wcs2228 · October 27, 2022, 4:57pm

If you are using DDNS and the public IP changes, the existing WireGuard client config (with DDNS Endpoint) should still work after restarting the Wireguard client, without having to create a new client config.

Check the System Log (logread) for DDNS update records. GL.iNet states DDNS update frequency is once every 10 minutes.

DDNS - GL.iNet Docs.

IAmBriski · October 27, 2022, 11:37pm

Hello! It looks like for some reason I can’t even get the client to communciate with the server anymore, even with a new config

Here is what the client log says:

user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=2 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/

Here is what the server log says:

Sun Oct 23 20:31:05 2022 daemon.notice netifd: Interface 'wgserver' is setting up now\nSun Oct 23 20:31:06 2022 daemon.notice netifd: Interface 'wgserver' is now up\nSun Oct 23 20:31:06 2022 daemon.notice netifd: Network device 'wgserver' link is up\nSun Oct 23 20:31:06 2022 kern.info kernel: [ 27.026473] IPv6: ADDRCONF(NETDEV_UP): wgserver: link is not ready\nSun Oct 23 20:31:11 2022 user.notice firewall: Reloading firewall due to ifup of wgserver (wgserver)\n

Any help would be greatly appreciated!

alzhao · October 28, 2022, 2:21am

It just looks like the server is not available. So you need to check the basic info of the server router, e.g. IP address etc.