I switched back to OpenWRT yesterday. As hardware I am using a Fritz!Box 4040, which works like a charm. I am running 18.06.04, which I downloaded from the Fritz!Box device page.
One problem I have is with Wireguard tho: I have the most classic scenario (I think) where remote devices connect to my home LAN via Wireguard.
After setting everything up via LEDE the wireguard interface wasn't working ("Network device not present"). A restart fixed this. I then set up peers, which again required me to restart the router.
After detecting a configuration error with one of my peers this morning, I (remotely) fixed the issue and restarted the interface. This caused my remote clients to lose connection to anything (the LAN, the wireguard interface, ...). The handshake works and I receive keepalive packets, but pinging either a LAN IP or the Wireguard interface's IP results in timeouts. I am guessing that a restart of my router will fix this (again), although I can't verify as I cannot access the router anymore...
Here is the relevant part of my config (my LAN is on the 10.222.0.1/24 subnet):
My OpenWRT Router's config:
config interface 'wireguard'
	option proto 'wireguard'
	option private_key 'XXX'
	option listen_port '51820'
	list addresses '10.222.200.1/24'

config wireguard_wireguard
	option public_key 'XXX'
	list allowed_ips '10.222.200.2/24'
	option route_allowed_ips '1'
	option persistent_keepalive '25'
	option description 'XXX'

config wireguard_wireguard
	option public_key 'XXX'
	list allowed_ips '10.222.200.3/24'
	option route_allowed_ips '1'
	option persistent_keepalive '25'
	option description 'XXX'

config wireguard_wireguard
	option description 'XXX'
	option public_key 'XXX'
	list allowed_ips '10.222.200.4/24'
	option route_allowed_ips '1'
	option persistent_keepalive '25'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan wireguard'

config rule
	option enabled '1'
	option target 'ACCEPT'
	option src 'wan'
	option proto 'udp'
	option dest_port '51820'
	option name 'Allow Wireguard inbound'
My client config:
[Interface]
PrivateKey = XXX
Address = 10.222.200.3/24

[Peer]
PublicKey = XXX
AllowedIPs = 10.222.0.1/16
Endpoint = XXX:51820
Any ideas what would cause connectivity to be lost when I change the configuration/restart the interface?
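
An added example, not part of the original post: a check of the peer sections above for overlapping allowed_ips. WireGuard masks host bits and associates each allowed-IP prefix with exactly one peer, so entries that normalize to the same network cannot all stay in effect. The peer labels are made up, since the post redacts the descriptions.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample: the post's three peer sections, descriptions replaced by made-up labels.
SAMPLE_UCI = """
config wireguard_wireguard
	option description 'peer-a'
	list allowed_ips '10.222.200.2/24'
config wireguard_wireguard
	option description 'peer-b'
	list allowed_ips '10.222.200.3/24'
config wireguard_wireguard
	option description 'peer-c'
	list allowed_ips '10.222.200.4/24'
"""

FIELD = re.compile(r"^(?:option|list)\s+(\w+)\s+'([^']*)'$")

def parse_peers(text):
    """Return one {'label', 'nets'} dict per 'config wireguard_*' section."""
    peers, current = [], None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("config "):
            current = None
            if line.split()[1].startswith("wireguard_"):
                current = {"label": f"peer{len(peers) + 1}", "nets": []}
                peers.append(current)
            continue
        m = FIELD.match(line)
        if current is None or not m:
            continue
        key, value = m.groups()
        if key == "description":
            current["label"] = value
        elif key == "allowed_ips":
            # strict=False masks host bits: 10.222.200.2/24 -> 10.222.200.0/24
            current["nets"].append(ipaddress.ip_network(value, strict=False))
    return peers

def find_overlaps(peers):
    """Return (label_a, label_b, net_a, net_b) for every overlapping pair of peers."""
    return [(a["label"], b["label"], str(na), str(nb))
            for a, b in combinations(peers, 2)
            for na in a["nets"] for nb in b["nets"]
            if na.version == nb.version and na.overlaps(nb)]

if __name__ == "__main__":
    print(*find_overlaps(parse_peers(SAMPLE_UCI)), sep="\n")
```

On the sample, all three peers normalize to 10.222.200.0/24 and every pair is reported; with a /32 per peer the result is empty.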