Hi to all, gents.
I have an issue with the WireGuard connection after an internet disconnection.
I have the following network configuration:
- a WireGuard server on a VPS with a fixed IP address; wg is configured with that script (maybe it matters due to some iptables settings).
- two locations (read: two houses) with an MT hAP ac2 at one and an MT RB951G-2HnD at the other (ROS 7.8).
Both of them have a very similar configuration: a WireGuard peer to (not hostname) with Persistent Keepalive=25s.
Address List entries are marked with "marking connection" for further routing to the wg interface. Not all traffic goes into the tunnel.
DNS is set to use a DNS-server inside tunnel (10.7.0.1) for all resolving.
The problem is that when the ISP connection is lost, the WireGuard connection does not re-establish. That means the ISP connection is working properly, the VPS IP address is pingable, but the wg handshake always fails (Rx is always zero). Even after rebooting the router, which surprises me most. And even more: this only happens on the hAP ac2, not on the RB951G.
Disabling and re-enabling the wg peer does not help. Sometimes rebooting the VPS helps, sometimes a ping from the VPS inside the tunnel to the peer (10.7.0.2 for example) does.
I cannot reproduce the issue intentionally, because simply pulling the ISP wire out does not do it.
Any advice where to dig and how to debug it?
Sorry in advance for the muddled explanation.