Wireguard Connection handshake not completing

Hi,

I have set up wireguard on the server and client side and have the blue button for wireguard available. When trying to connect it gets an ip of the wireguard subnet, however after 5 seconds it says the handshake did not complete. After 3 attempts it says the server is offline.

How can I fix the issue with the handshake?

Thanks!
Kris

This is likely a configuration issue with the load balancer. If a load balancer is used the server must have a replication count equal to or greater than the number of hosts attached. Any host that is online must be replicating the server to be ready to accept the request from the load balancer.

Ok, I have reduced the LB down to only point to a single instance and updated the server config to match. The handshake still fails. I am using the HA Proxy config from the docs.

Are there some other options I can look into to solve this?

Thanks!
Kris

What error is shown in the service logs from the View Logs in the top right menu?

There are the logs right from the server:

[Host-12] 2023-01-08 13:53:01 User connected wg user_id=637beddaa7703884b8ad7ec8
[Host-12] 2023-01-08 13:53:01 User disconnected user_id=637beddaa7703884b8ad7ec8
[Host-12] 2023-01-08 13:53:21 User connected wg user_id=637beddaa7703884b8ad7ec8
[Host-12] 2023-01-08 13:53:21 User disconnected user_id=637beddaa7703884b8ad7ec8
[Host-12] 2023-01-08 13:53:42 User connected wg user_id=637beddaa7703884b8ad7ec8
[Host-12] 2023-01-08 13:53:42 User disconnected user_id=637beddaa7703884b8ad7ec8

These are the logs from the system logs:

[Host-12][2023-01-08 13:55:47,376][INFO] Authenticating user
factors = [“pin”]
[Host-12][2023-01-08 13:56:07,871][INFO] Authenticating user
factors = [“pin”]
[Host-12][2023-01-08 13:56:28,305][INFO] Authenticating user
factors = [“pin”]
[Host-12][2023-01-08 13:56:49,181][INFO] Authenticating user
factors = [“pin”]
[Host-12][2023-01-08 13:57:11,118][INFO] Authenticating user
factors = [“pin”]
[Host-12][2023-01-08 13:57:31,819][INFO] Authenticating user
factors = [“pin”]
[Host-12][2023-01-08 13:57:52,344][INFO] Authenticating user
factors = [“pin”]

Interestingly I noticed this as well:

[Host-12][2023-01-08 13:50:25,016][INFO] Starting vpn server
server_id = “637c5ff9a7703884b8adc0d2”
instance_id = “63bb3aa17c3a2cab1ea28f80”
instances = []
instances_count = 0
route_count = 0
network = “192.168.222.0/24”
network6 = “fd00:c0a8:de00::/64”
dynamic_firewall = false
host_id = “b608fa79ac0e4bc0b98a6235084c58ed”
host_address = “10.30.1.12”
host_address6 = “fe80::703c:fcff:fe36:3df6”
host_networks = [“10.10.0.0/16”, “10.30.1.0/27”, “10.50.3.0/24”, “10.20.4.0/27”]
cur_timestamp = “2023-01-08 21:50:25.015450”
libipt = false

The network line only contains the non-wireguard network… the wireguard subnet is 192.168.211.0/24

Logs from the Client Logs:

RequestError: Request: Timeout error
RequestError: Request: Timeout error
at ClientRequest.eval (webpack-internal:///./app/Request.js:170:31)
at ClientRequest.emit (node:events:513:28)
at TLSSocket.emitRequestTimeout (node:_http_client:814:9)
at Object.onceWrapper (node:events:627:28)
at TLSSocket.emit (node:events:525:35)
at Socket._onTimeout (node:net:526:8)
at listOnTimeout (node:internal/timers:559:17)
at process.processTimers (node:internal/timers:502:7)
[2023-1-7 13:27:25][ERROR] Profiles: Failed to sync profile configuration
RequestError: Request: Timeout error
RequestError: Request: Timeout error
at ClientRequest.eval (webpack-internal:///./app/Request.js:170:31)
at ClientRequest.emit (node:events:513:28)
at TLSSocket.emitRequestTimeout (node:_http_client:814:9)
at Object.onceWrapper (node:events:627:28)
at TLSSocket.emit (node:events:525:35)
at Socket._onTimeout (node:net:526:8)
at listOnTimeout (node:internal/timers:559:17)
at process.processTimers (node: internal/timers:502:7)

These are not the correct logs, there is a selection in the client log view that allows selecting the service logs.

These service logs from the client?

C:/Program Files/Go/src/runtime/asm_amd64.s:1594 +0x8771e0
[2022-11-22 21:59:54][ERRO] :arrow_forward: profile: Failed to push profile log output ◆ output=“2022-11-22 21:59:54 Server poll timeout, restarting”
log: Failed to rotate profile log file
rename C:\ProgramData\Pritunl\Profiles\616330449522a755.log C:\ProgramData\Pritunl\Profiles\616330449522a755.log.1: The process cannot access the file because it is being used by another process.
ORIGINAL STACK TRACE:
github.com/pritunl/pritunl-client-electron/service/log.ProfilePushLog
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/log/profile.go:58 +0xd2fe25
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).pushOutput
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:836 +0xd479f0
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).parseLine
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:848 +0xd48045
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).startOvpn.func3
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1567 +0xd4c63b
runtime.goexit
C:/Program Files/Go/src/runtime/asm_amd64.s:1594 +0x8771e0
[2022-11-22 21:59:54][ERRO] :arrow_forward: profile: Failed to push profile log output ◆ output=“2022-11-22 21:59:54 SIGUSR1[soft,server_poll] received, process restarting”
log: Failed to rotate profile log file
rename C:\ProgramData\Pritunl\Profiles\616330449522a755.log C:\ProgramData\Pritunl\Profiles\616330449522a755.log.1: The process cannot access the file because it is being used by another process.
ORIGINAL STACK TRACE:
github.com/pritunl/pritunl-client-electron/service/log.ProfilePushLog
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/log/profile.go:58 +0xd2fe25
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).pushOutput
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:836 +0xd479f0
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).parseLine
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:848 +0xd48045
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).startOvpn.func3
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1567 +0xd4c63b
runtime.goexit
C:/Program Files/Go/src/runtime/asm_amd64.s:1594 +0x8771e0
[2022-11-22 21:59:54][ERRO] :arrow_forward: profile: Failed to push profile log output ◆ output=“2022-11-22 21:59:54 Outgoing Control Channel Authentication: Using 160 bit message hash ‘SHA1’ for HMAC authentication”
log: Failed to rotate profile log file
rename C:\ProgramData\Pritunl\Profiles\616330449522a755.log C:\ProgramData\Pritunl\Profiles\616330449522a755.log.1: The process cannot access the file because it is being used by another process.
ORIGINAL STACK TRACE:
github.com/pritunl/pritunl-client-electron/service/log.ProfilePushLog
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/log/profile.go:58 +0xd2fe25
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).pushOutput
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:836 +0xd479f0
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).parseLine
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:848 +0xd48045
github.com/pritunl/pritunl-client-electron/service/profile.(*Profile).startOvpn.func3
C:/Users/Windows/go/src/github.com/pritunl/pritunl-client-electron/service/profile/profile.go:1567 +0xd4c63b
runtime.goexit
C:/Program Files/Go/src/runtime/asm_amd64.s:1594 +0x8771e0