I had setup my openwrt RPi3 as a travel router which connects home (running a wireguard server). The server runs perfectly fine as I can connect my phone to it. However something seems to go wrong with the pi. It was working fine one year ago when I used it, but doesn't work now for some reason.
The keys seem to work as it establishes wireguard connection. Probably something is misconfigured with the firewall? Pasting screenshots and logs below. Any help appreciated.
root@OpenWrt:~# logread -e vpn; netstat -l -n -p | grep -e "^udp\s.*\s-$"
udp 0 0 0.0.0.0:56800 0.0.0.0:* -
udp 0 0 :::56800 :::* -
root@OpenWrt:~# pgrep -f -a wg; wg show; wg showconf vpn
2207 wg-crypt-wg0
interface: wg0
public key: <public key>
private key: (hidden)
listening port: 56800
peer: <key>
endpoint: <ip address:port>
allowed ips: 0.0.0.0/0
latest handshake: 45 seconds ago
transfer: 220 B received, 17.46 KiB sent
persistent keepalive: every 25 seconds
Unable to access interface: No such device
root@OpenWrt:~# ip address show; ip route show table all
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group defaul t qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master br-lan state UP group default qlen 1000
link/ether b8:27:eb:8b:91:a9 brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP gro up default qlen 1000
link/ether b8:27:eb:de:c4:fc brd ff:ff:ff:ff:ff:ff
inet 192.168.1.16/24 brd 192.168.1.255 scope global wlan0
valid_lft forever preferred_lft forever
inet6 fe80::ba27:ebff:fede:c4fc/64 scope link
valid_lft forever preferred_lft forever
6: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP gro up default qlen 1000
link/ether b8:27:eb:8b:91:a9 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.1/24 brd 192.168.2.255 scope global br-lan
valid_lft forever preferred_lft forever
inet6 fe80::ba27:ebff:fe8b:91a9/64 scope link
valid_lft forever preferred_lft forever
7: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN gro up default qlen 1000
link/none
inet 10.14.0.5/32 brd 255.255.255.255 scope global wg0
valid_lft forever preferred_lft forever
default dev wg0 proto static scope link
<ip address> via 192.168.1.1 dev wlan0 proto static
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.16
192.168.2.0/24 dev br-lan proto kernel scope link src 192.168.2.1
local 10.14.0.5 dev wg0 table local proto kernel scope host src 10.14.0.5
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0 .1
broadcast 192.168.1.0 dev wlan0 table local proto kernel scope link src 192.168. 1.16
local 192.168.1.16 dev wlan0 table local proto kernel scope host src 192.168.1.1 6
broadcast 192.168.1.255 dev wlan0 table local proto kernel scope link src 192.16 8.1.16
broadcast 192.168.2.0 dev br-lan table local proto kernel scope link src 192.168 .2.1
local 192.168.2.1 dev br-lan table local proto kernel scope host src 192.168.2.1
broadcast 192.168.2.255 dev br-lan table local proto kernel scope link src 192.1 68.2.1
fe80::/64 dev br-lan proto kernel metric 256 pref medium
fe80::/64 dev wlan0 proto kernel metric 256 pref medium
local ::1 dev lo table local proto kernel metric 0 pref medium
anycast fe80:: dev br-lan table local proto kernel metric 0 pref medium
anycast fe80:: dev wlan0 table local proto kernel metric 0 pref medium
local fe80::ba27:ebff:fe8b:91a9 dev br-lan table local proto kernel metric 0 pre f medium
local fe80::ba27:ebff:fede:c4fc dev wlan0 table local proto kernel metric 0 pref medium
ff00::/8 dev br-lan table local proto kernel metric 256 pref medium
ff00::/8 dev wlan0 table local proto kernel metric 256 pref medium
ff00::/8 dev wg0 table local proto kernel metric 256 pref medium
root@OpenWrt:~# uci show network; uci show firewall; crontab -l
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth0'
network.lan.proto='static'
network.lan.netmask='255.255.255.0'
network.lan.ipaddr='192.168.2.1'
network.wwan=interface
network.wwan.proto='dhcp'
network.wg0=interface
network.wg0.proto='wireguard'
network.wg0.addresses='10.14.0.5/32'
network.wg0.private_key='<private key>'
network.wg0.delegate='0'
network.@wireguard_wg0[0]=wireguard_wg0
network.@wireguard_wg0[0].public_key='<public key>'
network.@wireguard_wg0[0].description='Description'
network.@wireguard_wg0[0].persistent_keepalive='25'
network.@wireguard_wg0[0].endpoint_port='<port>'
network.@wireguard_wg0[0].allowed_ips='0.0.0.0/0'
network.@wireguard_wg0[0].route_allowed_ips='1'
network.@wireguard_wg0[0].endpoint_host='<ip address>'
firewall.@defaults[0]=defaults
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].synflood_protect='1'
firewall.@defaults[0].forward='REJECT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[0].network='lan wg0'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].input='ACCEPT'
firewall.@zone[1].forward='ACCEPT'
firewall.@zone[1].network='wwan'
firewall.@zone[1].masq='1'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].dest='wan'
firewall.@forwarding[0].src='lan'
crontab: can't open 'root': No such file or directory