WireGuard interface doesn't come up after reboot

After configuring the WireGuard interface and firewall, I reboot the router. The WireGuard interface comes up, connects to the peer, everything is good. Now I reboot again.
The WireGuard interface wg0 doesn't come up and seems completely unconfigured.

# ifconfig wg0
wg0       Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          POINTOPOINT NOARP  MTU:1420  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

If I bring it up via ifconfig wg0 up, it doesn't connect.

# ifconfig wg0
wg0       Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:172.16.0.2  P-t-P:172.16.0.2  Mask:255.255.255.255
          inet6 addr: fd01:5ca1:ab1e:87b7:8b7e:da41:23b8:1654/128 Scope:Global
          UP POINTOPOINT RUNNING NOARP  MTU:1420  Metric:1
          RX packets:5 errors:0 dropped:0 overruns:0 frame:0
          TX packets:166 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:548 (548.0 B)  TX bytes:21080 (20.5 KiB)

Relevant part of /etc/config/network:

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'X'
        list addresses '172.16.0.2/32'
        list addresses 'fd01:5ca1:ab1e:87b7:8b7e:da41:23b8:1654/128'
        option listen_port '32409'

config wireguard_wg0
        option public_key 'bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo='
        option description 'Cloudflare'
        option persistent_keepalive '25'
        option endpoint_port '2408'
        list allowed_ips '0.0.0.0/0'
        list allowed_ips '::/0'
        option route_allowed_ips '1'
        option endpoint_host 'engage.cloudflareclient.com'

I've done the time synchronization stuff - have set servers by IP, but no joy.

I would check if the port bindings are correct and work after the reboot. The listen_port on your side is redundant. If the Cloudflare peer doesn't require it, you may remove it.


@maqroll, welcome to the community!

Remove this; and ensure it's not set at Cloudflare.

(You don't show this.)
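
The check suggested in the replies above, as an added example that is not part of the thread: a shell function that reads a UCI network config and lists WireGuard interfaces that set listen_port although every one of their peers has an endpoint_host. Treating such an interface as dial-out only is an assumption of this example, and audit_wg_listen_port and sample_config are hypothetical names.

```shell
# Added example (not from the thread). Assumption: an interface whose peers
# all have endpoint_host only dials out, so a fixed listen_port is redundant.

# Reads UCI config text on stdin (or from files given as arguments) and
# prints "<interface> <listen_port>" for each finding.
audit_wg_listen_port() {
    awk -v q="'" '
    function unq(s) { gsub(q, "", s); gsub(/"/, "", s); return s }
    $1 == "config" {
        iface = ""; peer_of = ""; kind = unq($2)
        if (kind == "interface") iface = unq($3)
        else if (kind ~ /^wireguard_/) { peer_of = substr(kind, 11); peers[peer_of]++ }
        next
    }
    $1 != "option" { next }
    iface != "" && $2 == "proto"            { proto[iface] = unq($3) }
    iface != "" && $2 == "listen_port"      { port[iface] = unq($3) }
    peer_of != "" && $2 == "endpoint_host"  { dialed[peer_of]++ }
    END {
        for (i in port)
            if (proto[i] == "wireguard" && peers[i] > 0 && peers[i] == dialed[i])
                print i, port[i]
    }' "$@"
}

# Constructed sample: wg0 mirrors the config in the question (keys replaced by
# placeholders); wg1 is a made-up server-style interface that needs its port.
sample_config() {
    cat <<'EOF'
config interface 'wg0'
        option proto 'wireguard'
        option listen_port '32409'

config wireguard_wg0
        option public_key 'PLACEHOLDER'
        option endpoint_host 'engage.cloudflareclient.com'

config interface 'wg1'
        option proto 'wireguard'
        option listen_port '51820'

config wireguard_wg1
        option public_key 'PLACEHOLDER'
EOF
}
sample_config | audit_wg_listen_port
```

On a router the same function can be pointed at the real file with `audit_wg_listen_port /etc/config/network`.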

@lleachii Thanks,
That does the trick!
Thanks much.


@trendy Hi. That was it. It's working as expected now and everything survives reboot.
Thanks much.
