Closed timkgh closed 3 years ago
Just following the Upgrade instructions. Not sure if I got into a bad state now and how I can recover from it but I'm trying to avoid a reboot.
@timkgh Please share your config by using the following command in operational mode. show configuration commands | grep "wireguard wg"
Redacted version. Keys are correct, etc. This setup has worked for a couple years.
$ show configuration commands | grep "wireguard wg"
set interfaces wireguard wg0 listen-port xxxxx
set interfaces wireguard wg0 peer xxx allowed-ips 10.x.x.x/32
set interfaces wireguard wg0 peer xxx preshared-key xxx
set interfaces wireguard wg0 peer xxx allowed-ips 10.x.x.x/32
set interfaces wireguard wg0 peer xxx preshared-key xxx
set interfaces wireguard wg0 private-key xxx
set interfaces wireguard wg0 route-allowed-ips false
set interfaces wireguard wg1 firewall in name WG1_IN
set interfaces wireguard wg1 firewall local name WG1_LOCAL
set interfaces wireguard wg1 peer xxx allowed-ips 10.y.y.y/32
set interfaces wireguard wg1 peer xxx endpoint 'x.x.x.x:xxxx'
set interfaces wireguard wg1 peer xxx preshared-key xxx
set interfaces wireguard wg1 private-key xxx
set interfaces wireguard wg1 route-allowed-ips false
route-allowed-ips false
because I was trying to upgrade and this is the state it's currently in.
Please report what the output of dpkg-query -s wireguard | grep Version
is. What configuration changes did you attempt that gave you the errors? Did you try to commit delete interfaces wireguard
?
If your router is in a state where the configuration doesn't match the OS, it is usually quicker to reboot the router than it is to fix the broken state. I understand that if you are managing the router via the WireGuard tunnel this can be problematic. If this was the case, my advice would be to open SSH on the firewall, with your public IP address as the source, while you resolve the problem.
$ dpkg-query -s wireguard | grep Version
Version: 1.0.20210219-4
Yes I did delete interfaces wireguard
as part of the Upgrade instructions.
I'll try and reboot it when I get a chance.
Reboot fixed it. Not sure how it got into that state during the upgrade.
Config used to work with previous releases but not with this one:
e300-v2-v1.0.20210219-v1.0.20210223.deb
on an ER-12Wireguard 1.0.20210219 IPv6 duplicate route fix