Wireguard and mwan3 configuration issue

Something's wrong if you must disconnect to reach IP x.y.z.k.

Since the IP x.y.z.k is the IP of a remote tunnel server, you would have a route for that address that always uses wan_main.

Exactly. So at this point I don't really trust LuCI, as every time I try to create wg0 it comes back with pre-filled values for its peer connection (x.y.x.k IP, port and public key), so it remembers stuff somewhere. Next thing to try is either to create interface wg1 instead or completely reset the router (painful as it's my main DHCP point with a non-default LAN IP).

PLEASE SEE THIS THREAD: [Solved] Luci-proto-wireguard leaves peer information if deleted

THERE IS AN ISSUE WITH PEERS STAYING IN /etc/config/network after the interface is deleted.

So, if you recreated the interface using the same name, that's why you see the values come back. Just:

  • give the interface a new name; or
  • be sure to edit /etc/config/network and remove the phantom peer entries
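One way to spot the phantom peer entries described in the reply above, as an added example that is not part of the original thread: it assumes peers are stored as `config wireguard_<ifname>` sections next to `config interface '<ifname>'`, and the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# List WireGuard peer sections whose parent interface no longer exists.
# Assumption: peers are UCI sections of type "wireguard_<ifname>" and the
# interface itself is declared as "config interface '<ifname>'".
# Output: one line per orphaned interface name: "<ifname> <peer count>".
find_orphan_peers() {
    awk '
    $1 == "config" {
        type = $2; name = $3
        gsub(/["\047]/, "", type)      # strip optional quotes
        gsub(/["\047]/, "", name)
        if (type == "interface")
            iface[name] = 1
        else if (index(type, "wireguard_") == 1)
            peers[substr(type, length("wireguard_") + 1)]++
    }
    END {
        for (n in peers)
            if (!(n in iface))
                printf "%s %d\n", n, peers[n]
    }' "$@" | sort
}

# Constructed sample: wg0 was deleted, but two of its peer sections remain.
sample_config() {
    cat <<'EOF'
config interface 'lan'
	option proto 'static'

config interface 'wg1'
	option proto 'wireguard'

config wireguard_wg1
	option public_key '<constructed-peer-key-A>'

config wireguard_wg0
	option public_key '<constructed-peer-key-B>'
	option endpoint_host 'x.y.z.k'

config wireguard_wg0
	option public_key '<constructed-peer-key-B>'
EOF
}

sample_config | find_orphan_peers
```

On the router the same function can be pointed at the real file with `find_orphan_peers /etc/config/network`; any name it prints still has peer sections to remove before an interface of that name is recreated.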

thanks for that!

ok, so two good things happened. first, cleanup of the network configuration helped not having to remove Wireguard kernel modules every time to get internet connection back in case wg interface is not working.

second, I came across a backup of my config from a week ago (before I started with mwan3) and after restoring it and amending key on the server everything worked! The only thing different in the network configuration file is the private key.

I thought OK, let me try new key and indeed it was not working. I double checked that public/private pair is correct, but still not working. Restored back old key and it's working again. The only thing I haven't tried is to generate another key, to see if that is a one-off problem with that particular key (I hope) or something doesn't allow me to use other keys after initial connection...

I also recall new key worked once for me at some point, but for 1 packet only - handshake happened but only 1 packet received in lede client...