WireGuard VPN showing "The client is starting, please wait..." and not able to access GoodCloud after home router rebooted

Hello, I have a Slate AX travel router that is trying to access my Flint (GL-AX1800) home router. I configured everything before I left as well as I know. There was a blackout in my neighborhood back home, and ever since, every time I try to enable my WireGuard VPN it throws me “The client is starting, please wait…”. I tried to access my GoodCloud account but it is giving “Unfortunately you’re not authorized to access this page”. Here is my config and log on my Slate:

Configuration:
[Interface]
Address = 10.0.0.2/24
ListenPort = 45100
PrivateKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=
DNS = 64.6.64.6
MTU = 1420

[Peer]
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = xxx0000.glddns.com:51820
PersistentKeepalive = 25
PublicKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=

Log:

Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):    * Zone 'lan'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):    * Zone 'wan'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):    * Zone 'guest'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):    * Zone 'wgclient'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Set tcp_ecn to off\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Set tcp_syncookies to on\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Set tcp_window_scaling to on\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Running script '/etc/firewall.nat6'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Running script '/etc/firewall.swap_wan_in_conn_mark.sh'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Running script '/var/etc/gls2s.include'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):    ! Skipping due to path error: No such file or directory\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Running script '/usr/bin/gl_block.sh'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054):  * Running script '/etc/firewall.vpn_server_policy.sh'\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054): Failed to parse json data: unexpected character\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054): uci: Entry not found\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: wgclient (16054): cat: can't open '/tmp/run/wg_resolved_ip': No such file or directory\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: Interface 'wgclient' is now down\n
Wed Jan 17 16:04:43 2024 daemon.notice netifd: Interface 'wgclient' is setting up now\n
Wed Jan 17 16:04:44 2024 user.notice mwan3[16237]: Execute ifdown event on interface wgclient (unknown)\n
Wed Jan 17 16:04:45 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()\n

Does the DDNS address resolve to your actual IP?

cat /tmp/run/wg_resolved_ip ; I bet there’s no output.

@garuk_01
Scan :51820/UDP of your WG Server Public IP; make sure that endpoint is reachable. IP Leak from WG Server will get it for you:


It says my UDP is Open | filtered. Does this mean it is reachable?

It means that the scanner wasn’t able to detect whether it’s open or closed.
The only thing the scanner can detect is that the package was not rejected.

So it might be dropped (so firewall says No) or the service does not answer for random queries (so it’s open but you can’t talk to it without the right protocol)

FTFY.
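The "open | filtered" result explained above can be reproduced on a single machine. This is an added example, not part of the original thread: `probe_udp` and `demo` are hypothetical names, and the three ports are constructed local sockets on 127.0.0.1, one of which stays silent the way WireGuard does when it receives a packet that is not a valid handshake.

```python
import socket
import threading

def probe_udp(host, port, timeout=1.0):
    """Classify a UDP port from one probe, the way a scanner reports it."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))       # connected socket so ICMP errors surface
        try:
            s.send(b"\x00")           # arbitrary byte, not a WireGuard handshake
            s.recv(1024)
            return "open"             # something answered
        except ConnectionRefusedError:
            return "closed"           # ICMP port unreachable came back
        except socket.timeout:
            # Silence: a firewall dropped the probe OR the service ignored it.
            return "open|filtered"

def demo():
    # Constructed test ports on loopback; nothing leaves this machine.
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))     # listens but never replies

    echo = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    echo.bind(("127.0.0.1", 0))
    def answer_once():
        data, addr = echo.recvfrom(1024)
        echo.sendto(data, addr)
    threading.Thread(target=answer_once, daemon=True).start()

    tmp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()                       # nothing listens here any more

    results = {
        "silent": probe_udp("127.0.0.1", silent.getsockname()[1], 0.5),
        "echo": probe_udp("127.0.0.1", echo.getsockname()[1], 0.5),
        "closed": probe_udp("127.0.0.1", closed_port, 0.5),
    }
    silent.close()
    echo.close()
    return results

if __name__ == "__main__":
    print(demo())
```

The silent listener and a firewall that drops the probe look identical from the outside, so "open|filtered" on 51820/UDP does not by itself confirm that the WireGuard server is reachable.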

@garuk_01

It looks good. Now I suspect it’s the ddns service… so let’s remove it from the equation: ‘clone’ your WG client conf but use the 192.168.8.1 address of the WG Server within it. Try connecting from a LAN-side device… as if all comms between the two are encrypted.

Beforehand, check that the glddns is reflecting your proper Public IP, per @admon's suggestion.

Thanks for the links. :+1: :link:
I didn’t know about IPVoid :mag_right:
