Posted: Sun Jan 16, 2022 20:03 Post subject: [SOLVED] Build 44715 - WireGuard Failing to connect
As the title states, I've had this working before, then went to change to a different server(Peer) and it now will just do a handshake, and then not process anything. I did a factory reset back to the 44715 build thinking something might have bugged up, but no go. It'll transfer a few bytes and then just not send and receive further. So it's connecting but doesn't want to process any traffic.
I'm using Keepsolid as my VPN provider.
I've got all IPs allowed to route through 0.0.0.0/0 and Route Allowed IP's via tunnel checked(enabled). Honestly am at a loss, nothing has changed, even tried to go back to the peer that I know was working and it no longer will do anything either.
Below is my WG settings, everything in black is provided by the VPN provider. The red is just the Public key that's forced to be there when you enable the tunnel by DDWRT.
Joined: 18 Mar 2014 Posts: 12877 Location: Netherlands
Posted: Sun Jan 16, 2022 20:29 Post subject:
You are using an old an no longer supported build
Currently we are on build 48128.
See the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
I suggest you upgrade.
Coming from such an old build a reset to defaults after upgrading and put settings in manually (never restore from a backup to a different build) is highly recommended.
The client setup guide has a paragraph about setting up for Keepsolid, I am using it as we speak without problems.
The most probable causes are:
1. Wrong settings in allowed IP's.
You should use 0.0.0.0/1, 128.0.0.0/1
2. You should enable NAT via the Tunnel
3. You should enable the firewall (that is not a cause of not connecting but a safety risk)
See the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
I suggest you upgrade.
Coming from such an old build a reset to defaults after upgrading and put settings in manually (never restore from a backup to a different build) is highly recommended.
The client setup guide has a paragraph about setting up for Keepsolid, I am using it as we speak without problems.
The most probable causes are:
1. Wrong settings in allowed IP's.
You should use 0.0.0.0/1, 128.0.0.0/1
2. You should enable NAT via the Tunnel
3. You should enable the firewall (that is not a cause of not connecting but a safety risk)
I always was skeptical of updating quickly as I've been burned before so I normally do the who N-1 update routine. Looks like this update got it working again.
I took your advice and went with NAT + Firewall + the 128.0.0.0/1 add.
Everything looks good and I'm back under the VPN.
Thanks a ton to both of you for the quick responses and help!
You should not use the router database
Build 44715 is old and has security issues.
But unfortunately we do not control that.
Anyway glad it is solved
I'm seeing that lol, I have been using DDWRT for a long time, but just recently figured to use the DB just because it might be finally working right....well back to the directory again. I do appreciate you guys helping though!
Maybe the external routing changed e.g. with your provider or they started to support IPv6 etc.
In that case lowering the MTU can help if you experience these kind of problems where some destinations work and others not.
There is a paragraph in the trouble shooting section about it.
But Keepsolid is not the most stable provider.
Sometimes they just kick you off.
I asked their support and WireGuard is hugely popular so they are converting OpenVPN servers to WireGuard and constantly restructuring their network.
WireGuard has fail-over built-in so if one tunnel fails the second can cut in (it is a new feature)
I grabbed a Private IP and I'm back to working again, but I stopped using a private IP as they seem to be using a range of IPs that have a ton of cloudflare blocks going on, so a good number of websites I use are blocked. I tried getting them to assist me in contacting cloudflare, but that went no were.
Found the MTU troubleshooting section, I'll give it a go if it starts up again.
That's good they are working on getting more servers up.
I'm guessing since I have a private IP, I'm not going to be able to do the fail over.
So they don't seem to understand that the same IP pool they keep swapping me over to, has sites blocked. They changed my IP again after I told them of the blocks...and their response was literally to change me to a new IP in the same pool....like guys the pool of IPs you're handing out to people for personal IPs IS BLOCKED/BANNED by some sites. You need to contact cloudflare and get your pool dropped from the list OR scrap these IPs and get new IPs...
Does anyone know how to get tickets escalated with KeepSolid, they've stopped responding to me, and wont escalate it to someone who knows more than lvl1 troubleshooting. Getting really annoyed with this company...if this isn't resolved, anyone got any other suggestions? They already have my lifetime membership fee, but I'm not wanting to keep paying for a private IP if sites like USPS/Imgur/Autozone are blocked, those are major websites...YOUR IP POOL IS FLAGGED FIX IT!
Joined: 18 Mar 2014 Posts: 12877 Location: Netherlands
Posted: Fri Jan 28, 2022 11:58 Post subject:
Sadly no, they are really cheap, I got a lifetime subscription via Stack Social for slightly over $30.
OpenVPN is OK but WireGuard (they say due to high demand) is "so so", If I do not use a tunnel it seems revoked sometimes while using a tunnel I am kicked off.
I now have a tunnel to an unpopular destination (Switzerland) which is stable and is now functioning for over a week.
I also have Mullvad (must admit I am not paying for it, I have a developers account with them) which is much better, but I think it will set you back E 5 a month.
Sadly no, they are really cheap, I got a lifetime subscription via Stack Social for slightly over $30.
OpenVPN is OK but WireGuard (they say due to high demand) is "so so", If I do not use a tunnel it seems revoked sometimes while using a tunnel I am kicked off.
I now have a tunnel to an unpopular destination (Switzerland) which is stable and is now functioning for over a week.
I also have Mullvad (must admit I am not paying for it, I have a developers account with them) which is much better, but I think it will set you back E 5 a month.
In the end you get what you are paying for
Yea I bought the lifetime at $99 has been working for over a year so I figured I've gotten my money out of it. Now it's becoming a pain, and I don't mind paying as right now I'm paying $15 a month for a private IP that clearly doesn't work. So gonna try Mullvad per your recommendation.
