Wireguard starts throwing Handshake for peer not completed errors after reboot

I have configured a wireguard tunnel. The peer on the other end is a wireguard instance running on Linode.

Sometimes after I reboot the router OR when I start it after it was shutdown abruptly because of a power cut, I start seeing these errors in the console. I have verified the public/private keys in winbox and in the configuration on the other peer. The keys match perfectly so this should not fail and yet it does. The other peer becomes unreachable and the only way I have found to fix it is to replace the keys on the mikrotik router and update the other peer. After this it works perfectly until I have to reboot the router.

Since, From the looks of it, The keys have not changed at all so I can’t figure out why the authentication keeps failing.

I think I have had this problem from 7.1beta4.

Has anyone else ran into these issues? Is there a permanent fix? or anything else I can do here? Is the dev team aware of this issue?

Please let me know if I can provide any thing to help debug this. Thank you

There is an ongoing issue where the wireguard tunnel can not be launched if you use a name as endpoint AND the initial resolve of that name to an IP address does not succeed.
Disabling status of peer and enabling again is the current workaround.
Can easily be done using netwatch, ip adress of other side and small script in down part to do the toggling.
Or use IP address as endpoint instead of name if you can.

And yes, it’s already around for quite some time.
BUT … some have the problem, some don’t. I don’t see it currently on mAP Lite with 7.1.
I did have the issue on all other devices I upgraded to 7.1rc so all my devices still have that netwatch workaround from then.

I use the Peer’s public IPv4 address in the Endpoint field.

I have not tried disabling and then enabling that peer but I’ll definitely try it when this happens again.

I am currently on the supposedly stable 7.1 version on my RB450GX4 and have this issue.