WireGuard / wireguard-vyatta-ubnt

WireGuard for Ubiquiti Devices
https://www.wireguard.com/
GNU General Public License v3.0

Client peer doesn't retry new connection after public IP change #47

Open Flavinux opened 3 years ago

Flavinux commented 3 years ago

Hello, I set up WireGuard successfully on USGW3; it works pretty well until the public IPv4 changes. I use it as a client because of multiple NAT above.

    allowed ips: xxxxxxx/24
    latest handshake: 4 hours, 32 minutes, 35 seconds ago
    transfer: 10.26 GiB received, 246.18 GiB sent
    persistent keepalive: every 15 seconds

Is there a way to restart the peer, like wg-quick up/down, without restarting the USG? Thanks in advance,

Flav

dc361 commented 3 years ago

You may want to post your question on UI.Com's forums as there are probably more USG users there rather than here on the developer's bug reporting area.

On my ERs I create shell scripts that update the IP address of the remote endpoint using the domain name of the peer. This assumes that you are using DDNS or some other automatically updated domain name on the remote peer.

The command that does this is:

sudo wg set wg0 peer Whateverthepeerkeyis= endpoint somehost.homedns.org:51820

Flavinux commented 3 years ago

Hello, thanks for the reply. The issue is not due to the server IP, which does not change, but the client/peer; the handshake shows 14 hours. Even if I restart (down/up) wgX on the server, the USG-3P doesn't reconnect automatically (with PPTP I don't have this issue). Thanks anyway,

Flav

crickes commented 3 years ago

I've noticed a similar behaviour. I have an ER-X talking through a 4G modem to a central server. Periodically, the 4G network will terminate the connection and I get a new CGNATed IPv4 address on the 4G modem. When this happens, the WireGuard connection fails and the regular handshake stops working. If I reboot the ER-X, it starts up again and continues working until the next time the mobile operator resets the session. Prior to using WireGuard, I was using ZeroTier and the same thing would happen, but with ZeroTier I could restart the ZeroTier service to restore the connection rather than reboot the router. I'm looking for a way to restart the WireGuard session without rebooting the router.

whiskerz007 commented 3 years ago

@crickes With the release of 1.0.20210219-4, you should be able to disable the WireGuard interface and then enable the interface to restore the connection.

crickes commented 3 years ago

@whiskerz007 I've just upgraded and tested this. If I disable and quickly re-enable, it doesn't seem to work, but if I leave it disabled for a bit longer, say a minute, before re-enabling, it seems to come back OK. I'm looking to write a script to detect the outage and bounce the connection automatically, so I'm keen to understand how long the interface needs to be down before attempting to bring it back up.

whiskerz007 commented 3 years ago

@crickes #73 should help to quickly reconnect. With that PR, when you disable a peer, it will be removed from WireGuard. When enabling the peer it will behave the same way when you create the peer. One test you can use in your script is to check the last handshake. The handshake process seems to be done every 120 seconds.
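The last-handshake test suggested in the final comment could look like the sketch below. It is an added example, not code from this thread or from the wireguard-vyatta-ubnt project. It only detects and logs stale peers; the disable/enable step is left to the caller. The 300-second threshold, the function names and the `wg-watch` log tag are assumptions.

```shell
#!/bin/sh
# Added example: flag WireGuard peers whose last handshake is too old.
# Input format is that of `wg show <interface> latest-handshakes`:
#   <peer public key><TAB><unix time of last handshake, 0 = never>

# Assumption: 300 s, i.e. more than two of the ~120 s handshake
# intervals mentioned in the thread. Override via the environment.
STALE_AFTER="${STALE_AFTER:-300}"

# stale_peers NOW
# Reads latest-handshakes lines on stdin and prints one line per stale
# peer: "<key> <age in seconds>" or "<key> never".
stale_peers() {
    awk -v now="$1" -v max="$STALE_AFTER" '
        NF != 2 || $2 !~ /^[0-9]+$/ { next }   # ignore malformed lines
        $2 == 0           { print $1, "never"; next }
        (now - $2) > max  { print $1, now - $2 }
    '
}

# check_interface IFACE
# Returns 0 if every peer is fresh, 1 if any peer is stale,
# 2 if the wg command itself failed (e.g. interface missing).
check_interface() {
    iface="$1"
    out=$(wg show "$iface" latest-handshakes) || return 2
    stale=$(printf '%s\n' "$out" | stale_peers "$(date +%s)")
    [ -z "$stale" ] && return 0
    printf '%s\n' "$stale" | while read -r key age; do
        logger -t wg-watch "$iface: peer $key stale (last handshake: $age)"
    done
    return 1
}

# Constructed sample input (placeholder keys, not real ones).
sample() {
    printf 'PEER_A_KEY=\t1700000550\nPEER_B_KEY=\t1700000000\nPEER_C_KEY=\t0\n'
}

# With an interface argument: check it. Without: run on the sample.
if [ "$#" -ge 1 ]; then
    check_interface "$1"
else
    sample | stale_peers 1700000600
fi
```

Run from cron with the interface name as the argument; a return code of 1 is the signal to bounce the interface or peer as described above.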