trailofbits / algo

Set up a personal VPN in the cloud

Home Page: https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/

clients sometimes need to ping outside world in order to be pinged by other clients

Jconn opened this issue

Occasionally, some of the clients on our VPN stop responding to pings from other clients on the VPN.
These issues occur on Ubuntu 18.04 and 20.04 clients.

If we ssh into the offending client through another network interface and ping any internet address or VPN client address, then the offending client starts responding to pings again.

We've set the param BetweenClients_DROP: false, which is what allows communication to work normally.

If there's a firewall between your AlgoVPN server and the "offending" client then the problem might be that the firewall states are expiring when the client is idle for a while. Try adding:

PersistentKeepalive = 25

to the client's WireGuard configuration so that it sends regular traffic and keeps the firewall states current.

I will try that and wait a few weeks to see if the issue is gone.

If PersistentKeepalive solves your problem you can have Algo add it to your WireGuard configs the next time you deploy a server by setting wireguard_PersistentKeepalive in config.cfg.

This did solve my problem, I will close the issue. Thank you!