ER605 v2.0 reboots on wireguard VPN connect
ER605 v2.0 reboots on wireguard VPN connect
I'm using wireguard server on the ER605 and connecting multiple clients - windows laptops.
If it matters, on the same WAN interface I have a IPsec VPN configured as well.
I upgraded to latest firmware version available for V2.0 today - ER605(UN)_V2_2.2.6 Build 20240718 because randomly some VPNs would stop receiving traffic completly from the VPN. Using wireshark I see only keepalives coming in, and a whole lot going out, but no responses.
My wireguard clients are configured to tunnel all traffic.
On upgrade to firmware 2.2.6 the ER605 completely reboots when a wireguard client connects with the previously created wireguard server.
I suspected some kind of bug so I deleted the old wireguard server and created a new one.
How did it fail again:
- I added the first client, connected, all looked good, disconnected the client.
- Added the second client, connected, all looked good, disconnected the client.
- Added the third client, connected, router crashed.
I'm not sure if its a core-dump or something else, but its obviously not good.
I'm downgrading to 2.2.5 now to see if the issue exists in there too, however I doubt it, because from the release notes there's been wireguard fixes in 2.2.6 only.
Edit: happens with 2.2.5 too
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
@Clive_A I thought that the Peer allowed address should contain the subnets I want to reach via WireGuard. A regular WireGuard config works like that as far as i know.
Nevertheless, I changed it to the client IP address with /32 prefix and now it seems to work OK.
Thank you!
- Copy Link
- Report Inappropriate Content
SHA2 wrote
@Clive_A
This also happens for me after the upgrade. You guys should really try this your self and offer a fix as not reply on us to give you a config file. Reverting to old frimware aswell
For your situation now, consider rolling back or waiting for others to work with us.
Asking for the config is to locate the reason and sync the information, if this bothers you, please do ignore what I have asked.
It is really common sense to have a conversation here without your chime in some simple human logic and basic SOP to confirm a problem and information exchange.
As for now, for the sake of other's help, we have a preliminary conclusion that this issue would only occur when you created at least two peers with the same subnet /24. So far it seems to be the case. Rest of the 3 new reports are not provided with the configs.
The reason has been located that this was an improper configuration and we did not design it to be doing this. Two peers with the same subnet is meaningless in our eye.
We will optimize this in the future firmware update.
A single peer with a subnet of all /24 is already enough for most people. If you need to place them in the same subnet, you should at least specify them as /32 which I have strongly recommended in the Configuration Guide.
A beta will be provided next month(estimated) and the official fix will be included in the firmware of adapting V5.15.X.
- Copy Link
- Report Inappropriate Content
I can confirm this is not a one of...
I'm sufering from exactly the same issue.
ER605 v2.0 - 2.2.6 Build 20240718 - Rel.82712
br
- Copy Link
- Report Inappropriate Content
Hi @Loeschnix
Thanks for posting in our business forum.
Post your configs and diagram. You crash at the third client as well? Who crashes, the router? What's the behavior of it? How do you verify it?
Require screenshots for every question asked.
Please mosaic your sensitive information. Here is a list of information considered sensitive:
1. Public IP address on your WAN if your WAN is.
2. Real MAC address of your device.
3. Your personal information including address, domain name, and credentials.
For troubleshooting purposes, when a WAN IP is needed, please leave some values visible for identification.
- Copy Link
- Report Inappropriate Content
Hi @v1ctorr
Thanks for posting in our business forum.
Post your configs and diagram, please. So, you've disconnected the first and second users, and when adding the third one, the router crashes. How did it crash? I mean specifically, how do you verify that the router is crashing and what's the behavior?
Your Wireshark results for that verification you mentioned in the description.
Require screenshots for every question asked.
Please mosaic your sensitive information. Here is a list of information considered sensitive:
1. Public IP address on your WAN if your WAN is.
2. Real MAC address of your device.
3. Your personal information including address, domain name, and credentials.
For troubleshooting purposes, when a WAN IP is needed, please leave some values visible for identification.
- Copy Link
- Report Inappropriate Content
I encountered the same issue. Firmware 2.2.6 Build 20240718 Rel.82712 , controlling my ER605 via Omada Controller app on Windows.
Whenever I connect to WG Server from my desktop PC everything is fine. But once I connect from my phone and it performs the handshake, the rooter reboots. Happens every time and there are no logs indicating any problems. Super weird and kinda annoying.
- Copy Link
- Report Inappropriate Content
Here is my configuration:
WG Server
WG Peers
WG config for mobile phone
[Interface]
PrivateKey = <private_key>
Address = 192.168.4.11/24
DNS = 1.1.1.1
[Peer]
PublicKey = <WG_server_public_key>
AllowedIPs = 0.0.0.0/0
Endpoint = 192.168.1.1:51820
- Copy Link
- Report Inappropriate Content
I would use /32 instead of /24 for allowed address. you only need to allow your own ip. also change Address = in the client file, I myself have an ER605 and do not experience the same problems as you, but as I said, I use /32
- Copy Link
- Report Inappropriate Content
@MR.S, thanks, I'll try that.
- Copy Link
- Report Inappropriate Content
i have no problems with er605v2 as wireguard server and my android phone (i mostly use it to see my ip cameras):
- Copy Link
- Report Inappropriate Content
DNS Server is IP of ER605 in local network
Try set like this
- Copy Link
- Report Inappropriate Content
@v1ctorr I have the same issue. Wireguard was working properly before. Tried downgrading to 2.2.5, but it didn't help. Waiting for TP-Link to fix.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 796
Replies: 19
Voters 0
No one has voted for it yet.