Hello everyone,
I'm familiar with Wireguard and happy to see it made it into RouterOS.
Recently I upgraded some devices to 7.x and thought about giving it a try to replace some OpenVPN tunnels and NATted instance of Wireguard (VM).
It's working smoothly so far but I witnessed two things, that may not be related to Mikrotik/RouterOS rather to Wireguard's code.
1 - I have an HAP AC^2 (7.1.1) behind a RB2011 (6.49) and wanted to use the access point to establish a Wireguard tunnel towards a RB1100AHx2 (7.1.1).
The HAP AC^2 did not initiate any traffic (no rx, no tx, added a firewall rule to log that traffic, no nothing) until I added a `persistent keepalive` - That's when it started initiating the connection and it's working just fine now. Provided there is an endpoint specified in the peer, shouldn't it initiate the connection without any keepalive setting configured?
2 - In the other hand, I declared two peers on the RB1100AHx2 with no endpoint. My understanding is that they're waiting for a connection from a remote device and not initiating anything.
Oddly enough one is trying to establish the tunnel but not the other one.
For the one having some TX, log say "Handshake for peer did not complete after 5 seconds, retrying (try 10)" but not for the other peer.
Thank you
Not big issues but was just wondering if there aren't small bugs here.