Wireguard Client no longer working following factory restart

Hello,

I have a Flint 2 router operating as Wireguard server and a Slate AX router for client.

I set the tunnel up two weeks ago, and all was running smoothly. I've brought my client router to a number of different locations, and all has been fine. I recently factory reset my router, as it was not detecting WAN port from a new modem all of a sudden - the router is functional since then through ethernet, but the wireguard tunnel is not. No changes were made on the server side.

Here is the config I'm working with:
[Interface]
Address = 10.0.0.2/24
PrivateKey = key
DNS = 64.6.64.6
MTU = 1280

[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = xxxxx.glddns.com:51820
PersistentKeepalive = 25
PublicKey = key

I think my server is working properly, and port forwarding does not look to be the issue as it was working just fine before the factory reset. I just can't seem to decipher the problem from the below logs (i'm a beginner here):

Mon Aug 5 21:48:54 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Mon Aug 5 21:50:38 2024 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-GIVEUP SHLVL=2 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Aug 5 21:50:38 2024 daemon.notice netifd: Interface 'wgclient' is now down
Mon Aug 5 21:50:38 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Mon Aug 5 21:50:38 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
Mon Aug 5 21:51:19 2024 daemon.notice netifd: Interface 'wgclient' is now down
Mon Aug 5 21:51:19 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()

Anyone got any ideas? I'm happy to provide any further information if needed.

Thank you!

Please check if your DDNS address still resolves to the correct IP and read How to troubleshoot WireGuard as well.

You can test the same config on your phone or pc.

It looks just like the server is down. Generally two reasons:

  1. ddns not updated correct
  2. local IP of the server changed causing the port forward not working correctly.

Happy to test the server, but it was working just fine prior to the client router factory reset.

At first glance, it doesn’t look like a server issue. Is there ever a situation where a reset of one side causes issues when trying to reestablish the relationship between the two? If you say no, I will work solely on shoring up the server.

Pls test as I said and you will find the root problem quickly.

I just rebuilt port forwarding as I saw the private IP address of the server router changed, and it worked! Thank you!

Can you help me understand how often/why the private IP of the router changes? I’d like to not have to update the port as often as this if possible…is there a way to automate this change? Thanks!

It depends on your main router. When the GL.iNet router asks for DHCP renew, it could give a new IP. Generally it does not change IP. But this could happen if there are many devices connected.

So solutions:

  1. Use static IP on the GL.iNet router. Just copy the current IP and subnet info of DHCP and change to static.
  2. IN your main router, reserve a static IP for the GL.iNet.

Thanks so much! It failed earlier today again and I ended up changing my gl inet IP to static and looks to be working now.

Should I also reserve a static IP for my gl inet within my main router? Or is step 1 that I’ve already completed enough to ensure the IP doesn’t change/break the port forward. Thanks again for your help.

Do you have a lot of devices connected to your main router?

If not, then static IP should be OK. Seldom it will have IP conflict.

One thing that you can do is use static IP outside of your DHCP ranges.
For example, in our routers, the DHCP is from .100 to .150 by default.
So if you use static IP .10 it will never confict with DHCP IP addresses.

I see - no not a lot. Not more than a normal 1 person household.

If I do notice it goes down, I’ll reserve an address for it. Thank you.

1 Like