WireGuard does not work on Opal

I recently purchased an Opal to use while on vacation and I'm at home in the process of setting everything up in preperation for a trip.

I found this thread after doing a Google search for my issue using the WG client in the Opal.

I constantly get this error in the logs

Sat May 25 09:43:18 2024 daemon.notice netifd: Interface 'wgclient' is now down
Sat May 25 09:59:13 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Sat May 25 09:59:19 2024 kern.info kernel: [ 8021.913868] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=REKEY-TIMEOUT
Sat May 25 09:59:24 2024 kern.info kernel: [ 8027.353451] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=REKEY-TIMEOUT

I am using a Unifi Dream Router which has a Wireguard Server built in.
I'm on a static IP from my ISP.
As the router is the WG server is does all the necessary port opening automatically.
As I have a static WAN IP from my ISP I don't need any DDNS so that isn't an issue.
I am using the WG client in my GL-SFT1200 that's running firware 4.3.11
The WG config has been downloaded and tested on an iPhone 13 pro and Macbook Pro with no issues.

Please can I get some help to have the SFT1200 WG client connect to my WG Server?

Hey :wave:t2:

please have a look into this thread: How to troubleshoot WireGuard

Thanks for that but it's not actualy what the issue is.

The issue is specifically witth the SFT1200. I've already proven that the WG server and config works as it's been used on multiple other devices.

The issue is with the SFT1200 as the WG client that from reading the various posts many others seem to have had.

Did you double-check that there is no IP conflict?

yes that's something I checked, within the VPN network there are now only 2 devices each with it's own IP on the VPN subnet.

The error in the logs is still

Sat May 25 11:57:48 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Sat May 25 11:57:55 2024 kern.info kernel: [15137.738422] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=REKEY-TIMEOUT
Sat May 25 11:58:00 2024 kern.info kernel: [15143.497909] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=REKEY-TIMEOUT
Sat May 25 11:58:06 2024 kern.info kernel: [15149.270055] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=REKEY-TIMEOUT```

Please provide a network diagram including the IP addresses.

As stated before, for troubleshooting reasons, a network diagram is needed :wink:
You can use draw.io to create one.

Some other guess: I never saw an entry like

Address = 192.168.2.2/32

before. Are you sure it shouldn't be /24?

Hopefully that's what you need. The IP thing is typo and I've just updated it but still have the same issue so don't think that iss the cause.

Where is the Opal itself?

Do you connect it by Tethering?

it's connected in repeater mode currently

Please try without being connected to the upstream router, like using tethering or a different internet connection.

It's mostly not supported to connect by WireGuard to the network you are currently connected to.

Tried this while I was away and connected to the hotel wifi. The same VPN log error happened everytime when trying to connect to the VPN server.

The config worked perfectly on iPhone and iPad connected to the same hotel wifi so it does again point directly to the Opal as the issue.

Unfortunately, I am out of ideas here, if you checked everything that I described.
My point about "no duplicated network" is pretty important - but you said you double-checked it.

I just solve this with another case.

The log appear when there is timeout. But this should not interrupt the wireguard, right?

We optimized the timeout problem and this will be updated in next release.

1 Like

Maybe you can share a shell command to quick-fix (and test) this?