Wireguard Session Manager - Discussion (3rd) thread

ZebMcKayhan

Very Senior Member
wg11 auto=P

wg_manager stop
Requesting WireGuard® VPN Peer stop (wg21 wg11)
wg_manager-serverwg21: WireGuard® VPN 'Server' Peer (wg21) on 10.50.1.1:51830 (# RT-AC86U Server #1) Terminated
wg_manager-clientwg11: WireGuard® VPN 'client' Peer (wg11) to XXX.XXX.XXX.XXX:63665 (# N/A) Terminated
wg11: transfer: 1.69 MiB received, 510.63 KiB sent 0 Days, 00:03:16 since Mon Jul 18 16:50:51 2022 >>>>>> Mon Jul 18 16:54:07 2022
wg11: period : 1.69 MiB received, 510.63 KiB sent (Rx=1772093;Tx=522885)

wg_manager start
Requesting WireGuard® VPN Peer start (wg21 wg11)
wg_manager-serverwg21: Initialising WireGuard® VPN 'Server' Peer (wg21) on 10.50.1.1:51830 (# RT-AC86U Server #1)
wg_manager-serverwg21: Initialisation complete.
wg_manager-clientwg11: Initialising WireGuard® VPN 'client' Peer (wg11) in Policy Mode to XXX.XXX.XXX.XXX:63665 (# N/A) DNS=8.8.8.8,8.8.4.4
wg_manager-clientwg11: Initialisation complete.
And after this wg11 is working again?

Please follow @Martineau advice to track down when and what is causing the issue with the missing wg11 firewall rules:
https://www.snbforums.com/threads/session-manager-discussion-3rd-thread.78317/post-777721
 
Last edited:

NoName79

New Around Here
I suggest you schedule a cron job to dump diagnostics to Syslog, to give you a definitive indication of when (and how) the issue occurs.
e.g. every 5mins
Code:
cru a debugwg "0/5 * * * *" wgm diag >>/tmp/syslog.log

cru l

I have the same problem and need to restart wgm. Restart wg11 doesn´t help.

The problem is the daily forced disconnection ( every 24h) of DSL access.

Here is my syslog.log 30 seconds before and after the disconnection. (Could not post more due to the 10000 characters limit)

Code:
Jul 18 22:12:18 kernel: wl0: random key value: 76A50CC8DB5BE85776F3011E26F9CEF143963E1334070541A5EE7BB8D6532E36
Jul 18 22:12:18 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3)
Jul 18 22:12:18 wlceventd: wlceventd_proc_event(505): eth6: Auth A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:18 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:18 wlceventd: wlceventd_proc_event(534): eth6: Assoc A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:18 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: associated
Jul 18 22:12:18 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Previous authentication no longer valid (2)
Jul 18 22:12:18 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:18 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Previous authentication no longer valid (2)
Jul 18 22:12:18 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:19 wlceventd: wlceventd_proc_event(505): eth6: Auth A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:19 wlceventd: wlceventd_proc_event(534): eth6: Assoc A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:19 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: associated
Jul 18 22:12:19 hostapd: eth6: STA a4:cf:12:dc:b4:00 RADIUS: starting accounting session 29C1A997074A1168
Jul 18 22:12:19 hostapd: eth6: STA a4:cf:12:dc:b4:00 WPA: pairwise key handshake completed (RSN)
Jul 18 22:12:27 kernel: blog_link: 33 callbacks suppressed
Jul 18 22:12:27 kernel: blog_link:overwriting ct_p=ffffffc02bec2650, new_ct=ffffffc02e396650 idx=0
Jul 18 22:12:27 kernel:     NFCT: ct<0xffffffc02bec2650>, master<0x          (null)>
Jul 18 22:12:27 kernel:         F_NAT<ffffffc02d1c3878> keys[0x00000000 0x00000000] dir<DIR_ORIG>
Jul 18 22:12:27 kernel:         help<0x          (null)> helper<NONE> status=8000018e refcnt=3 zone=0
Jul 18 22:12:27 kernel: tuple ffffffc02bec26e8: 17 192.168.178.7:49430 -> 93.102.100.35:1199
Jul 18 22:12:27 kernel: tuple ffffffc02bec2720: 17 93.102.100.35:1199 -> 192.168.178.7:49430
Jul 18 22:12:27 kernel:         STATUS[ IPS_SEEN_REPLY_BIT IPS_ASSURED_BIT IPS_CONFIRMED_BIT IPS_SRC_NAT_DONE_BIT IPS_DST_NAT_DONE_BIT IPS_BLOG_BIT ]
Jul 18 22:12:27 kernel:     NFCT: ct<0xffffffc02e396650>, master<0x          (null)>
Jul 18 22:12:27 kernel:         F_NAT<ffffffc02a4a33f8> keys[0x00000000 0x00000000] dir<DIR_ORIG>
Jul 18 22:12:27 kernel:         help<0x          (null)> helper<NONE> status=80000198 refcnt=2 zone=0
Jul 18 22:12:27 kernel: tuple ffffffc02e3966e8: 6 192.168.1.69:59197 -> 2.21.22.163:443
Jul 18 22:12:27 kernel: tuple ffffffc02e396720: 6 2.21.22.163:443 -> 10.1.1.64:59197
Jul 18 22:12:27 kernel:         STATUS[ IPS_CONFIRMED_BIT IPS_SRC_NAT_BIT IPS_SRC_NAT_DONE_BIT IPS_DST_NAT_DONE_BIT IPS_BLOG_BIT ]
Jul 18 22:12:27 kernel: blog_link:overwriting ct_p=ffffffc02bec2650, new_ct=ffffffc02e396650 idx=0
Jul 18 22:12:27 kernel:     NFCT: ct<0xffffffc02bec2650>, master<0x          (null)>
Jul 18 22:12:27 kernel:         F_NAT<ffffffc02d1c3878> keys[0x00000000 0x00000000] dir<DIR_ORIG>
Jul 18 22:12:27 kernel:         help<0x          (null)> helper<NONE> status=8000018e refcnt=5 zone=0
Jul 18 22:12:27 kernel: tuple ffffffc02bec26e8: 17 192.168.178.7:49430 -> 93.102.100.35:1199
Jul 18 22:12:27 kernel: tuple ffffffc02bec2720: 17 93.102.100.35:1199 -> 192.168.178.7:49430
Jul 18 22:12:27 kernel:         STATUS[ IPS_SEEN_REPLY_BIT IPS_ASSURED_BIT IPS_CONFIRMED_BIT IPS_SRC_NAT_DONE_BIT IPS_DST_NAT_DONE_BIT IPS_BLOG_BIT ]
Jul 18 22:12:27 kernel:     NFCT: ct<0xffffffc02e396650>, master<0x          (null)>
Jul 18 22:12:27 kernel:         F_NAT<ffffffc02a4a33f8> keys[0x00000000 0x00000000] dir<DIR_ORIG>
Jul 18 22:12:27 kernel:         help<0x          (null)> helper<NONE> status=8000019e refcnt=3 zone=0
Jul 18 22:12:27 kernel: tuple ffffffc02e3966e8: 6 192.168.1.69:59197 -> 2.21.22.163:443
Jul 18 22:12:27 kernel: tuple ffffffc02e396720: 6 2.21.22.163:443 -> 10.1.1.64:59197
Jul 18 22:12:27 kernel:         STATUS[ IPS_SEEN_REPLY_BIT IPS_ASSURED_BIT IPS_CONFIRMED_BIT IPS_SRC_NAT_BIT IPS_SRC_NAT_DONE_BIT IPS_DST_NAT_DONE_BIT IPS_BLOG_BIT ]
Jul 18 22:12:27 kernel: blog_link:overwriting ct_p=ffffffc02bec2650, new_ct=ffffffc02e396650 idx=0
Jul 18 22:12:27 kernel:     NFCT: ct<0xffffffc02bec2650>, master<0x          (null)>
Jul 18 22:12:27 kernel:         F_NAT<ffffffc02d1c3878> keys[0x00000000 0x00000000] dir<DIR_ORIG>
Jul 18 22:12:27 kernel:         help<0x          (null)> helper<NONE> status=8000018e refcnt=5 zone=0
Jul 18 22:12:28 kernel: tuple ffffffc02bec26e8: 17 192.168.178.7:49430 -> 93.102.100.35:1199
Jul 18 22:12:28 kernel: tuple ffffffc02bec2720: 17 93.102.100.35:1199 -> 192.168.178.7:49430
Jul 18 22:12:28 kernel:         STATUS[ IPS_SEEN_REPLY_BIT IPS_ASSURED_BIT IPS_CONFIRMED_BIT IPS_SRC_NAT_DONE_BIT IPS_DST_NAT_DONE_BIT IPS_BLOG_BIT ]
Jul 18 22:12:28 kernel:     NFCT: ct<0xffffffc02e396650>, master<0x          (null)>
Jul 18 22:12:28 kernel:         F_NAT<ffffffc02a4a33f8> keys[0x00000000 0x00000000] dir<DIR_ORIG>
Jul 18 22:12:28 kernel:         help<0x          (null)> helper<NONE> status=8000019e refcnt=4 zone=0
Jul 18 22:12:28 kernel: tuple ffffffc02e3966e8: 6 192.168.1.69:59197 -> 2.21.22.163:443
Jul 18 22:12:28 kernel: tuple ffffffc02e396720: 6 2.21.22.163:443 -> 10.1.1.64:59197
Jul 18 22:12:28 kernel:         STATUS[ IPS_SEEN_REPLY_BIT IPS_ASSURED_BIT IPS_CONFIRMED_BIT IPS_SRC_NAT_BIT IPS_SRC_NAT_DONE_BIT IPS_DST_NAT_DONE_BIT IPS_BLOG_BIT ]
Jul 18 22:12:36 kernel: wl0: random key value: 5A27C50E59B4FFB35D550322760E07B79D8A71DC6D8F04F7ACB1FA6B94DE6FEA
Jul 18 22:12:36 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3)
Jul 18 22:12:36 wlceventd: wlceventd_proc_event(505): eth6: Auth A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:36 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:36 wlceventd: wlceventd_proc_event(534): eth6: Assoc A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:36 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: associated
Jul 18 22:12:36 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Previous authentication no longer valid (2)
Jul 18 22:12:36 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:37 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:37 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Previous authentication no longer valid (2)
Jul 18 22:12:37 wlceventd: wlceventd_proc_event(505): eth6: Auth A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:37 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: associated
Jul 18 22:12:37 wlceventd: wlceventd_proc_event(534): eth6: Assoc A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:37 hostapd: eth6: STA a4:cf:12:dc:b4:00 RADIUS: starting accounting session 1C0123CEDBF15F06
Jul 18 22:12:37 hostapd: eth6: STA a4:cf:12:dc:b4:00 WPA: pairwise key handshake completed (RSN)
Jul 18 22:12:54 kernel: wl0: random key value: A5D583308C28D2AB1DD601A1CE023616261E4A66C8D403CA40248C11A76486E3
Jul 18 22:12:54 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Deauthenticated because sending station is leaving (or has left) IBSS or ESS (3)
Jul 18 22:12:54 wlceventd: wlceventd_proc_event(505): eth6: Auth A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:54 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:54 wlceventd: wlceventd_proc_event(534): eth6: Assoc A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:54 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: associated
Jul 18 22:12:54 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Previous authentication no longer valid (2)
Jul 18 22:12:54 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:55 wlceventd: wlceventd_proc_event(469): eth6: Deauth_ind A4:CF:12:DC:B4:00, status: 0, reason: Previous authentication no longer valid (2)
Jul 18 22:12:55 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: disassociated
Jul 18 22:12:55 wlceventd: wlceventd_proc_event(505): eth6: Auth A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:55 hostapd: eth6: STA a4:cf:12:dc:b4:00 IEEE 802.11: associated
Jul 18 22:12:55 wlceventd: wlceventd_proc_event(534): eth6: Assoc A4:CF:12:DC:B4:00, status: Successful (0)
Jul 18 22:12:55 hostapd: eth6: STA a4:cf:12:dc:b4:00 RADIUS: starting accounting session 6ECD14ABDA9F7444
Jul 18 22:12:55 hostapd: eth6: STA a4:cf:12:dc:b4:00 WPA: pairwise key handshake completed (RSN)
 
Last edited:

ZebMcKayhan

Very Senior Member
I have the same problem and need to restart wgm. Restart wg11 doesn´t help.
What do you mean by restart wgm? It is not running constantly. Restart wg11 reset everything with the peer.

The problem is the daily forced disconnection ( every 24h) of DSL access.
I don't have DSL so I dont know if I'm of any help, but you will need to figure out what is happening to your router. Following @Martineau advice you replied to is a good start!
There is nothing in the logs you provide that gives any info about what is happening. Wireguard doesnt need to "reconnect" the only reason to start/stop is to re-apply all routes and firewall rules.
 

Ellenswamy

Regular Contributor
I am having an odd issue with the web in the adding section. I have 1 persistent tab that always show no matter if the USB is attached or not, and then once I attach the USB drive another tab appears. Any ideas on how to fix this?
 

Martineau

Part of the Furniture
I am having an odd issue with the web in the adding section. I have 1 persistent tab that always show no matter if the USB is attached or not, and then once I attach the USB drive another tab appears. Any ideas on how to fix this?
Which version of wg_manager/wg_manager.asp ?

Issue the following (NOTE: you may be using a different userX.asp mount point)
Code:
e  = Exit Script [?]

E:Option ==> www unmount

    WebUI page 'user2.asp' ('wg_manager.asp') unmounted
then the following to debug
Code:
ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort
and post the output

or Reboot?
 

Ellenswamy

Regular Contributor
Which version of wg_manager/wg_manager.asp ?

Issue the following (NOTE: you may be using a different userX.asp mount point)
Code:
e  = Exit Script [?]

E:Option ==> www unmount

    WebUI page 'user2.asp' ('wg_manager.asp') unmounted
then the following to debug
Code:
ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort
and post the output
running the latest version . 4.18

E:Option ==> www unmount

WebUI page 'user6.asp' ('wg_manager.asp') unmounted

E:Option ==> ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort

Invalid Option "ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort" Please enter a valid option
 

Martineau

Part of the Furniture
running the latest version . 4.18

E:Option ==> www unmount

WebUI page 'user6.asp' ('wg_manager.asp') unmounted

E:Option ==> ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort

Invalid Option "ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort" Please enter a valid option
The following should be entered at the command prompt; not at the wg_manager prompt.
Code:
 ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort
 

Ellenswamy

Regular Contributor
The following should be entered at the command prompt; not at the wg_manager prompt.
Code:
 ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.title;grep -THE "user[1-9]\." /tmp/menuTree.js | sort
haha that's right :)

GT-AX11000-EF40:/tmp/home/root# ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.ti
tle;grep -THE "user[1-9]\." /tmp/menuTree.js | sort
-rw-rw-rw- 1 ellenswa root 45.8K Jul 19 07:04 user1.asp
-rw-rw-rw- 1 ellenswa root 4.5K Jul 19 07:07 user2.asp
-rw-rw-rw- 1 ellenswa root 34.2K Jul 19 07:07 user3.asp
-rw-rw-rw- 1 ellenswa root 35.3K Jul 19 07:33 user4.asp
-rw-rw-rw- 1 ellenswa root 10 Jul 19 07:33 user4.title
-rw-rw-rw- 1 ellenswa root 48.0K Jul 19 07:07 user5.asp
-rw-rw-rw- 1 ellenswa root 11 Jul 19 07:07 user5.title
/tmp/var/wwwext/user4.title: ntpMerlin
/tmp/var/wwwext/user5.title: uiDivStats
/tmp/menuTree.js: {url: "user1.asp", tabName: "WireGuard® Manager"},
/tmp/menuTree.js: {url: "user2.asp", tabName: "Diversion"},
/tmp/menuTree.js: {url: "user3.asp", tabName: "Unbound"},
/tmp/menuTree.js: {url: "user4.asp", tabName: "ntpMerlin"},
/tmp/menuTree.js: {url: "user5.asp", tabName: "uiDivStats"},


forgot to add, the menu was persistent through a reboot. After running www unmount I know only have 1 menu tab like expected
 
Last edited:

Martineau

Part of the Furniture
haha that's right :)

GT-AX11000-EF40:/tmp/home/root# ls -lah /tmp/var/wwwext | grep -TE "user[1-9]+.*";grep -TH . /tmp/var/wwwext/*.ti
tle;grep -THE "user[1-9]\." /tmp/menuTree.js | sort
-rw-rw-rw- 1 ellenswa root 45.8K Jul 19 07:04 user1.asp
-rw-rw-rw- 1 ellenswa root 4.5K Jul 19 07:07 user2.asp
-rw-rw-rw- 1 ellenswa root 34.2K Jul 19 07:07 user3.asp
-rw-rw-rw- 1 ellenswa root 35.3K Jul 19 07:33 user4.asp
-rw-rw-rw- 1 ellenswa root 10 Jul 19 07:33 user4.title
-rw-rw-rw- 1 ellenswa root 48.0K Jul 19 07:07 user5.asp
-rw-rw-rw- 1 ellenswa root 11 Jul 19 07:07 user5.title
/tmp/var/wwwext/user4.title: ntpMerlin
/tmp/var/wwwext/user5.title: uiDivStats
/tmp/menuTree.js: {url: "user1.asp", tabName: "WireGuard® Manager"},
/tmp/menuTree.js: {url: "user2.asp", tabName: "Diversion"},
/tmp/menuTree.js: {url: "user3.asp", tabName: "Unbound"},
/tmp/menuTree.js: {url: "user4.asp", tabName: "ntpMerlin"},
/tmp/menuTree.js: {url: "user5.asp", tabName: "uiDivStats"},
I suggest you Reboot

or

from the command line; Issue
Code:
sed -i '/WireGuard/d' /tmp/menuTree.js; rm /tmp/var/wwwext/user.*
then
Code:
e  = Exit Script [?]

E:Option ==> www mount

Also I suggest you should upgrade to the dev branch
Code:
e  = Exit Script [?]

E:Option ==> uf dev
 

NoName79

New Around Here
What do you mean by restart wgm? It is not running constantly. Restart wg11 reset everything with the peer.
I suggest you schedule a cron job to dump diagnostics to Syslog, to give you a definitive indication of when (and how) the issue occurs.

e.g. every 5mins
Code:
cru a debugwg "0/5 * * * *" wgm diag >>/tmp/syslog.log

cru l
Here is my complete syslog:

16:28 starting my router

16:31 manual disconnection in my DSL Fritzbox
-> no LAN device is online

16:33 restart wg11
-> no LAN device online

16:35 restart wgm
only my WIFI clients are online (weird?!)
 
Last edited:

Ellenswamy

Regular Contributor
sed -i '/WireGuard/d' /tmp/menuTree.js; rm /tmp/var/wwwext/user.*
I suggest you Reboot

or

from the command line; Issue
Code:
sed -i '/WireGuard/d' /tmp/menuTree.js; rm /tmp/var/wwwext/user.*
then
Code:
e  = Exit Script [?]

E:Option ==> www mount

Also I suggest you should upgrade to the dev branch
Code:
e  = Exit Script [?]

E:Option ==> uf d
[/QUOTE]
[email protected]:/tmp/home/root# sed -i '/WireGuard/d' /tmp/menuTree.js; rm /tmp/var/wwwext/user.*
rm: can't remove '/tmp/var/wwwext/user.*': No such file or directory

ran www mount and it said remount user6

switched to uf dev and it refreshed, so far only seeing one tab and it shows 1.02 as the version
 

Martineau

Part of the Furniture
sed -i '/WireGuard/d' /tmp/menuTree.js; rm /tmp/var/wwwext/user.*

[email protected]:/tmp/home/root# sed -i '/WireGuard/d' /tmp/menuTree.js; rm /tmp/var/wwwext/user.*
rm: can't remove '/tmp/var/wwwext/user.*': No such file or directory

ran www mount and it said remount user6

switched to uf dev and it refreshed, so far only seeing one tab and it shows 1.02 as the version
OK, thanks for the feedback.

Hopefully only one WireGuard® Manager Addons TAB should now (and in future) ever be present.
 

ZebMcKayhan

Very Senior Member
Here is my complete syslog:

16:28 starting my router

16:31 manual disconnection in my DSL Fritzbox
-> no LAN device is online

16:33 restart wg11
-> no LAN device online

16:35 restart wgm
only my WIFI clients are online (weird?!)
I don't really see any difference in the logs from the 2 restarts. However, there are a lot of
Code:
kernel: blog_link:overwriting ct_p=ffffffc02be21330
are these normal for your system or are they only appearing during your disconnect event?
During the 16:33 restart these messages still appear before and after, perhaps the router is not completally done with reconnect tasks? What if you just wait alittle longer before restarting wg11?

After these reconnect event when wg11 is not working, check for handshakes:
Code:
wg show
the timer should reset every couple of minutes. If it does the tunnel is still up and running.

If it gets reset every now and then, check routing rules:
Code:
ip rule

and policy route table:
Code:
ip route show table 121

firewall rules:
Code:
iptables -nvL FORWARD -t filter
iptables -nvL POSTROUTING -t nat
 

Martineau

Part of the Furniture
rebooted, and getting 2 tabs again.
So if you manually issue the following, does wg_manager correctly report the error?
Code:
e  = Exit Script [?]

E:Option ==> www mount


    ***ERROR: WebUI TAB ('wg_manager.asp') already mounted!
Hopefully, the same internal function call Mount_WebUI() is used both during the wg_manager Initialisation BOOT process and for a manual mount request.

I can't reproduce the duplicate wg_manager Addon WebUI tabs (but I don't run as many addons), but I would expect my Addon to usually occupy slot user1.asp or perhaps user2.asp rather than a high number slot such as user6.asp as in your case.

I'll have to create a debug version for you to try, in order to identify where the script is going wrong during the BOOT process.

In the interim (until I can provide a debug version of the script) you now have the necessary commands to manually remove the duplicate - until you next REBOOT.
 

NoName79

New Around Here
I don't really see any difference in the logs from the 2 restarts. However, there are a lot of
Code:
kernel: blog_link:overwriting ct_p=ffffffc02be21330
are these normal for your system or are they only appearing during your disconnect event?
During the 16:33 restart these messages still appear before and after, perhaps the router is not completally done with reconnect tasks? What if you just wait alittle longer before restarting wg11?

After these reconnect event when wg11 is not working, check for handshakes:
Code:
wg show
the timer should reset every couple of minutes. If it does the tunnel is still up and running.

Guess i found the problem, I get no new handshake. Tried with 2 different VPN (nvpn/mullvad).
the latest handshake counter is going up, i get no new connection.
(When my DSL is reconnected every 24h, i get a new IP from my provider.)

Code:
wg show

Code:
interface: wg11
  public key: p82Z+62yUU0SEj4hkwDmbadFC0Pf82E8FiKoA1C1jmA=
  private key: (hidden)
  listening port: 36969

peer: qcvI02LwBnTb7aFrOyZSWvg4kb7zNW9/+rS6alnWyFE=
  endpoint:
  allowed ips: 0.0.0.0/0, ::/0
  latest handshake: 18 minutes, 53 seconds ago. (sec:1133)
  transfer: 350.25 KiB received, 250.16 KiB sent
  persistent keepalive: every 25 seconds

        WireGuard® ACTIVE Peer Status: Clients 1, Servers 1
 
Last edited:

juanantonio

Regular Contributor
Good morning everyone.

I've successfully tunneled my RT-AC86u from my town house to my RT-AX86u installed on the city, using Wireguard Manager.

The question is: can I redirect a port in the wireguard server so as that port is reachable in the client from outside?

The connection scheme is simple: VPN supplier <---> RT-AX86u Wireguard Client <---> wg_manager passthru<---> RT-AX86u Wireguard Server <---> RT-AC86u Wireguard client.

I would like to reach the RT-AC86U client IP: Port through the VPN supplier Public IP: Port.

Many thanks in advance.
 
Last edited:

ZebMcKayhan

Very Senior Member
I would like to reach the RT-AC86U client IP: Port through the VPN supplier Public IP: Port.
You mean via your VPN Internet supplier? This is only possible if your VPN is opening ports to you which is usually not the case.

Any reason you are not running site2site between your trusted networks? That makes the networks more transparent and forwarding easier:
https://github.com/ZebMcKayhan/WireguardManager/blob/main/README.md#site-2-site
and
https://github.com/ZebMcKayhan/Wire...n/README.md#route-site-2-site-internet-access

Anyhow, with your current setup portforwarding needs to be done in 2 steps, first forward (Port 8001?) from wg11 to your server client (10.50.1.2:8001?) Then to the final destination (192.168.50.123:8001?). Could look something like this:
AX86U:
Code:
iptables -t nat -I PREROUTING -p tcp -i wg11 --dport 8001 -j DNAT --to-destination 10.50.1.2:8001 

iptables -I FORWARD -p tcp -d 10.50.1.2 --dport 8001 -m state --state NEW -j ACCEPT

AC86U:
Code:
iptables -t nat -I PREROUTING -p tcp -i wg11 --dport 8001 -j DNAT --to-destination 192.168.50.123:8001 

iptables -I FORWARD -p tcp -d 192.168.50.123 --dport 8001 -m state --state NEW -j ACCEPT

Above is only for tcp, if udp is needed these all need to be duplicated.

maybee this is possible to setup in the GUI instead, but I'm not at home so cant check.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top