Mikrotik 7.14 - wireguard

eguun · March 9, 2024, 5:51pm

Hello

Since 7.14, I am seeing these messages in the logs

wireguardInterface: bK[REDACTED]=: Handshake for peer did not complete after 5 seconds, retrying (try 2)

eventually followed by

wireguardInterface: bK[REDACTED]=: Handshake for peer did not complete after 20 attempts, giving up

I’m seeing these logs when the peer disconnects (eg: mobile phone put in sleep mode, or laptop being folded away)

But the config works fine:

mikrotik as server
multiple road warrior peers
all peers capable on connecting and sending/receiving traffic

I read with big attention similar posts, like this one:
http://forum.mikrotik.com/t/wireguard-client-handshake-for-peer-did-not-complete/171864/1

My config also doesn’t have “client address” defined
Firewall rule to allow 120.0.0.1 to send traffic

… and again to repeat myself, my current setup works!

Anyone else facing similar log flood since 7.14 while wireguard works?

anav · March 9, 2024, 7:39pm

Yes, try reading the 7.14 thread in announcements…

holvoetn · March 9, 2024, 7:44pm

And 7.15beta6 where it has been solved.
Or change manually info rule in log to exclude wireguard logging
info, !wireguard

anav · March 9, 2024, 7:51pm

You mean this one… http://forum.mikrotik.com/t/too-many-wireguard-logs-from-version-7-14beta3/172509/1

eguun · March 9, 2024, 7:59pm

Thanks

Searching with the error message didn’t surface this announcement. Thanks for outlining it.

Yes, I also added this log rule earlier today … but felt like hiding dirt under the carpet.
Now I have some vote of confidence as the best workaround.
Thanks I feel less guilty