Wireguard not re-establishing connection

Hi, my WireGuard connection drops every couple of days, which I think is either due to the VPN changing IP address or the connection just dropping for an unknown reason. When this happens it doesn't re-establish the WireGuard VPN connection again unless I delete the WireGuard interface and set up the connection from scratch. Even restarting the router doesn't fix the issue.

Is there a way I can get it to re-establish the VPN connection without having to set it up again?

Thanks in advance.

Are you using WireGuard on OpenWRT, or on another system?

I have a router running OpenWrt 19.07.6.

Apply these workarounds:

If the problem persists, then also apply this and reboot:


Thanks, will give that a go and see what happens. The problem usually happens every 5-7 days therefore I won't know immediately if it helps but will monitor over the week.

The issue still seems to be happening after applying the workarounds. The VPN connection is not dropping but I lose connection on the device that is connected to the router via ethernet cable. This seems to happen about every 5-7 days or so. If I delete the VPN interface in network and set it up again then I'm ok for another 5-7 days.

This issue is doing my head in and I tried searching the forum and can't seem to find a solution. Can you advise?


When the issue happens, collect the diagnostics from both server and client and post it to pastebin.com redacting the private parts:

ubus call system board; uci show network; uci show firewall; crontab -l; \
wg show; ip address show; ip route show table all; ip rule show; iptables-save

I have removed the private keys and ip addresses for VPN.


uci -q delete network.VPNUnlimited.listen_port
uci -q delete network.@wireguard_VPNUnlimited[0].allowed_ips
uci add_list network.@wireguard_VPNUnlimited[0].allowed_ips=""
uci commit network
/etc/init.d/network restart
sleep 10
/etc/init.d/vpn-policy-routing restart

I have tried the above and it's still not working. I don't think the allowed ips was the issue as it still was dropping connection to wired device when set to

It is very strange that it's affecting wired connections and not when using wireless. It initially works for almost a week, then drops for no reason, like it doesn't like anything plugged into the router.

  • Remove the listen port from the WG interface.
  • Try restarting the VPN-PBR service.

I have removed the listen port and restarted VPN PBR and it did not make any difference. I was thinking, is there a way to add a device via MAC address in VPN and PBR instead of IP, and would this work?

It is more reliable to set up static DHCP leases:

I have the same problem as the topic starter. As soon as my internet provider drops the connection due to account arrears or the ISP router reboots, it is not possible to connect to the VPN. Restarting the WG interface, rebooting the OpenWrt router, etc. results in nothing.


So I try to apply the mentioned advice. But


Initially I set up my router according to this manual.

Increasing metric on the WAN interface should be enough.

I applied the dynamic_connection, dynamic_address and race_conditions tweaks, but unfortunately it didn't help. Please take a look at the settings.

What is the reason for adding that static route and using the custom routing table?

In order to bypass the WireGuard VPN for some sites. Found the solution here.
I must admit that everything works fine with these options until the internet connection provided by the ISP router drops, or there is a power failure. Then it is impossible to connect to the VPN server without creating a new interface etc.

Better use this:

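# Drop the custom static route, then set up per-interface routing tables
uci -q delete network.@route[0]
# ${IPV%4} expands to "" for IPv4 and "6" for IPv6 (wan/wan6, rule/rule6)
for IPV in 4 6
do
uci set network.lan.ip${IPV}table="1"
uci set network.wan${IPV%4}.ip${IPV}table="2"
# Recreate the rule: marked traffic arriving from lan looks up table 2
uci -q delete network.lan_wan${IPV%4}
uci set network.lan_wan${IPV%4}="rule${IPV%4}"
uci set network.lan_wan${IPV%4}.in="lan"
uci set network.lan_wan${IPV%4}.mark="1"
uci set network.lan_wan${IPV%4}.lookup="2"
uci set network.lan_wan${IPV%4}.priority="30000"
done
uci commit network
/etc/init.d/network restart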

If the issue persists, also enable this:

mkdir -p /etc/hotplug.d/online
cat << "EOF" > /etc/hotplug.d/online/00-vpn-reconnect
# Bring the VPN interface up when any other interface triggers the event
if [ "${INTERFACE}" != "VPNUnlimited" ]
then ifup VPNUnlimited
fi
EOF
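
A handshake-age check that could complement the hotplug script above, as an added example that is not part of the original posts: it reads `wg show VPNUnlimited latest-handshakes` and calls `ifup` only when a peer's last handshake is too old. The function names, the 180-second threshold and the sample keys are assumptions or constructed values, and the threshold presumes persistent keepalive or steady traffic through the tunnel.

```shell
#!/bin/sh
# Added example (not from the thread): re-up the tunnel only when a
# WireGuard peer's last handshake is stale.
IFACE="VPNUnlimited"   # interface name used in the thread
MAX_AGE=180            # seconds; assumed threshold, tune for your setup

# stale_peers NOW MAX_AGE
# Reads `wg show <iface> latest-handshakes` output on stdin, one
# "<public-key><TAB><unix-time>" line per peer, and prints the public
# key of each peer whose handshake is older than MAX_AGE seconds.
# A timestamp of 0 means the peer has never completed a handshake.
stale_peers() {
    awk -v now="$1" -v max="$2" '
        NF == 2 && $2 ~ /^[0-9]+$/ {
            if ($2 == 0 || now - $2 > max) print $1
        }'
}

# Constructed sample input (placeholder keys, not real ones):
# one fresh peer, one stale peer, one peer that never handshook.
sample_handshakes() {
    printf 'PEERKEYAAAA=\t1700000000\n'
    printf 'PEERKEYBBBB=\t1699990000\n'
    printf 'PEERKEYCCCC=\t0\n'
}

if command -v wg >/dev/null 2>&1 && command -v ifup >/dev/null 2>&1; then
    # On the router: check the live interface and reconnect if needed.
    stale="$(wg show "$IFACE" latest-handshakes |
        stale_peers "$(date +%s)" "$MAX_AGE")"
    if [ -n "$stale" ]; then
        logger -t wg-watchdog "stale handshake on $IFACE: $stale"
        ifup "$IFACE"
    fi
else
    # Off the router: demonstrate the check on the constructed sample.
    sample_handshakes | stale_peers 1700000060 "$MAX_AGE"
fi
```

Run from cron, this also leaves a syslog line each time the handshake went stale, which helps tell a dead tunnel apart from a routing problem on the LAN side.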

Should I delete any existing options when applying this?