Currently running v4.7.0 on GL-MT3000. Using a Unifi UDM Pro at home hosting Wireguard server, and running the MT3000 as client as I travel around.
I'm currently in a country where most VPNs are blocked and want to turn off Wireguard's keep alive to make it more invisible.
However, the only way I could do that is to write that into the conf file for the Wireguard client the first time I import it <PersistentKeepalive = 0>; otherwise, if I try to edit anything in the config from the admin panel or app, it will change it from 0/empty to 25.
Seems like there may be something broken in the firmware that's forcing the keep alive setting at the default of 25, is there a fix coming for that?
NAT and Firewall Traversal Persistence
By default, WireGuard tries to be as silent as possible when not being used; it is not a chatty protocol. For the most part, it only transmits data when a peer wishes to send packets. When it's not being asked to send packets, it stops sending packets until it is asked again. In the majority of configurations, this works well. However, when a peer is behind NAT or a firewall, it might wish to be able to receive incoming packets even when it is not sending any packets. Because NAT and stateful firewalls keep track of "connections", if a peer behind NAT or a firewall wishes to receive incoming packets, he must keep the NAT/firewall mapping valid, by periodically sending keepalive packets. This is called persistent keepalives. When this option is enabled, a keepalive packet is sent to the server endpoint once every interval seconds. A sensible interval that works with a wide variety of firewalls is 25 seconds. Setting it to 0 turns the feature off, which is the default, since most users will not need this, and it makes WireGuard slightly more chatty. This feature may be specified by adding the PersistentKeepalive = field to a peer in the configuration file, or setting persistent-keepalive at the command line. If you don't need this feature, don't enable it. But if you're behind NAT or a firewall and you want to receive incoming connections long after network traffic has gone silent, this option will keep the "connection" open in the eyes of NAT.
I understand the keep alive feature, however the issue I’m running into here is that with the current 4.7.0, I cannot make changes to it on the fly.
If I set it to =0 in the conf file and make changes to the conf within the admin interface, it will change the keep alive to =25. If I try to change it from 25 to 0, it will not save properly.
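An added example, not part of the thread and not GL.iNet or WireGuard project code: a POSIX shell check that reads a WireGuard config on stdin and reports the effective PersistentKeepalive per peer, so a value rewritten after an admin-panel edit is easy to spot. The function names and the sample config with its placeholder keys are constructed for illustration.

```shell
#!/bin/sh
# Added example. Prints "<PublicKey> <keepalive>" for each [Peer] section.
# A missing key, 0 and "off" all mean keepalive is disabled.
keepalive_report() {
    awk '
        function emit(   k) {
            if (!in_peer) return
            k = (key == "" ? "(no-key)" : key)
            print k, ka
        }
        {
            line = $0
            sub(/#.*/, "", line)                  # drop trailing comments
            gsub(/^[ \t]+|[ \t\r]+$/, "", line)   # trim whitespace and CR
        }
        line == "" { next }
        line ~ /^\[/ {                            # a new section begins
            emit()
            in_peer = (tolower(line) == "[peer]")
            key = ""; ka = "off"
            next
        }
        in_peer {
            eq = index(line, "=")                 # first "=" splits name/value
            if (eq == 0) next
            name = tolower(substr(line, 1, eq - 1))
            val = substr(line, eq + 1)
            gsub(/[ \t]/, "", name); gsub(/^[ \t]+/, "", val)
            if (name == "publickey") key = val
            else if (name == "persistentkeepalive")
                ka = (val == "0" || tolower(val) == "off") ? "off" : val
        }
        END { emit() }
    '
}

# Succeeds only when no peer in the config on stdin has keepalive enabled.
keepalive_disabled() {
    ! keepalive_report | grep -qv ' off$'
}

# Constructed sample: peer A as imported with 0, peer B rewritten to 25.
sample_conf() {
    printf '%s\n' '[Interface]' 'PrivateKey = CONSTRUCTED_PLACEHOLDER=' \
        '[Peer]' 'PublicKey = PEER_A_CONSTRUCTED=' 'PersistentKeepalive = 0' \
        '[Peer]' 'PublicKey = PEER_B_CONSTRUCTED=' 'PersistentKeepalive = 25'
}

sample_conf | keepalive_report
```

The path of the saved client config is firmware-specific and not given in the thread; the value the running interface actually uses can be read with `wg show <interface> persistent-keepalive`.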