
I have a vanilla WireGuard configuration - a cloud VPS running CentOS Stream is the server, and the clients in question are macOS and an iOS iPhone.

Often when attempting to connect after a long period of not using the VPN, there's no issue and the connection is established immediately.

If I disconnect and then try to reconnect, this is typically when things go wrong. I will either get:

  1. Data Sent: 148b, with occasional tiny increments in bytes sent (connection attempts) and NO Data Received.
  2. An immediate, unending flood of data, either in Data Sent or Data Received (about 10MB / sec, which continues in perpetuity until I terminate the connection).

In either scenario, the connection is not successful, and I cannot connect to anything on the network. I either walk away and try later, or try to disconnect+reconnect 10-20 times until eventually I see a "normal" value in Data Received, and then I know the connection is actually established.

I've ruled out the router, and any hops in between, because this happens on my private wifi, various public wifi, and on cellular. And this is extra perplexing since this also happens on multiple devices (macOS + iOS).

As an example, one of the client configs looks like this:

[Interface]
PrivateKey = <masked>
Address = 10.7.0.4/24
DNS = <masked>

[Peer]
PublicKey = <masked>
PresharedKey = <masked>
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = <masked>:51820
PersistentKeepalive = 25

The only change I've observed that seems to help is limiting the AllowedIPs to a specific network range, instead of everything. That doesn't help though, as this tunnel is meant to transport all traffic.

Christian
  • I've had this happen. The *server* was the issue after a kernel upgrade - even downgrading didn't fix it. I ended up re-installing the VPS from scratch – Jaromanda X Apr 27 '23 at 01:58
  • Oddly enough, I've had this issue with the same config file, across multiple servers. I had to migrate the config off of CentOS (end of life) to a newer CentOS Stream VPS...and this is a consistent issue on both the old and new server. The new server also has unattended upgrades enabled. – Christian May 04 '23 at 13:17
  • I have the exact same issue from my iPhone to OpenWRT. After long idle it works asap. But fast toggling does not bring up the tunnel as well. And sometimes Data Sent increases to Gigabytes within seconds… – Robin Kluth Jul 03 '23 at 19:28
  • I've been having the exact same problem for a while now. Have you tried running WireGuard on a different port? But that doesn't solve this problem/behavior. Super annoying because sometimes you have a good connection after 1 or 2 attempts, but just now it took 12 times to reconnect. Funnily enough, I also use iOS and macOS clients. Perhaps that could be a problem? – Ruald Ordelman May 03 '23 at 07:12

0 Answers
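The 148 bytes in the first symptom is the size of a WireGuard handshake initiation message, so a capture on the server's UDP port 51820 can show where the handshake stops. The following is an added diagnostic example, not code from the question or from the WireGuard project; `classify`, `diagnose` and the sample packets are constructed for illustration, and it assumes the UDP payloads have already been extracted from a capture taken on the server.

```python
import struct
from collections import Counter

# Fixed sizes of WireGuard handshake messages, keyed by message type.
FIXED = {1: ("handshake-initiation", 148),
         2: ("handshake-response", 92),
         3: ("cookie-reply", 64)}
TRANSPORT_TYPE = 4
TRANSPORT_MIN = 32  # 16-byte header + 16-byte tag, no data: a keepalive

def classify(payload: bytes) -> str:
    """Name the WireGuard message in one UDP payload."""
    if len(payload) < 4:
        return "not-wireguard"
    # Byte 0 is the type, bytes 1-3 are reserved zeros (little-endian u32).
    msg_type = struct.unpack("<I", payload[:4])[0]
    if msg_type in FIXED:
        name, size = FIXED[msg_type]
        return name if len(payload) == size else "malformed"
    if msg_type == TRANSPORT_TYPE and len(payload) >= TRANSPORT_MIN:
        return "keepalive" if len(payload) == TRANSPORT_MIN else "transport-data"
    return "not-wireguard"

def diagnose(packets) -> str:
    """packets: (direction, payload) pairs seen on the server, 'in' or 'out'."""
    seen = Counter((d, classify(p)) for d, p in packets)
    if not seen[("in", "handshake-initiation")]:
        return "no initiation reached the server"
    if seen[("out", "cookie-reply")] and not seen[("out", "handshake-response")]:
        return "server answered only with cookie replies"
    if not seen[("out", "handshake-response")]:
        return "initiations arrived but the server never responded"
    if not (seen[("in", "transport-data")] or seen[("in", "keepalive")]):
        return "response sent but no client traffic followed"
    return "handshake completed"

# Constructed sample: three retries from a client, nothing sent back.
INIT = bytes([1, 0, 0, 0]) + bytes(144)
RESP = bytes([2, 0, 0, 0]) + bytes(88)
KEEPALIVE = bytes([4, 0, 0, 0]) + bytes(28)
SAMPLE = [("in", INIT)] * 3

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

Each verdict names the last handshake step that was observed, which separates a client whose initiations never arrive from a server that receives them and stays silent.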