Wireguard "handshake" problem

unclebuk

Senior Member
Hello,

Attached is a log file showing some "handshake did not complete..." problem preventing the wireguard connection.

Does anyone know what this means and what steps I should follow to resolve it?

Thanks in advance.
 

Attachments

  • TG_wireguard-log-2020-10-02.txt
    147.8 KB · Views: 238
Hello,

Update from the vpn provider via support ticket: (their exact words)

"If there is no handshake for 15 minutes then yes you need to create a new config to add to the router, so if you disconnect then try to connect 30 mins later your config won't work, for now, that’s how it is for optimal security,"

For some reason (security concerns cited) the WireGuard conf files will expire 15 minutes after a disconnection or a reconnection attempt, and a new conf file with a new private key needs to be downloaded from their website and reconfigured in the WireGuard client.

My WireGuard connection disconnected overnight and would not reconnect; the only fix available is the above method: redownload and reinstall the conf file. However, this problem does not affect the VPN provider's desktop app when using WireGuard; it only affects manual WireGuard setups using their conf files. I much prefer to use the macOS WireGuard app rather than the VPN provider's desktop app due to performance issues with it.

Makes me a tad suspicious.
 
If you're running a WireGuard client on your router to connect to a server and your router drops its end of the connection, that server is choosing to force your router to reestablish its identity. Nothing to be suspicious about from the VPN provider (that's a good one, actually, whoever it is, even though the window is 15 minutes wide for reconnect (key expiry)... that's AGES in computer time) - what you have to look at is why your router disconnected/took so long to reconnect.
This is proper security protocol, actually: once a client "ends" a secure tunnelling session, security credentials need to be reverified and reestablished (the key exchange) between endpoints to be considered secure.
 
