'Wireguard is not updating it's config when started by wg-quick up wg.conf

I am trying to change the configuration of wireguard client configuration on my Ubuntu system. It is running without any problems for months now. But now I want to change the AllowedIPs configuration of my peer. But I am not able to convince my wg0 device to use this new configuration.

What I tried to do:

  • wg-quick down wg0
  • Change the AllowedIPs section in my config file to AllowedIPs = 0.0.0.0/0, ::/0
  • wg-quick up /etc/wireguard/wg0.conf

After that, my wg0 is still using the allowed-ips I had configured before. I am checking this looking at the output of wg and checking my public IP.

wg-quick strip wg0 does print the correct configuration though.

Even if I try to sync the configuration with wg syncconf wg0 <(wg-quick strip wg0), the new configuration is applied (checking it with wg), but I still have my previous IP.

Where is the allowed-ips configuration configured/saved/cached if not in my configuration file? Where is wireguard taking it from?

ubuntuwireguard


Solution 1:[1]

I also stumbled across this behaviour recently.

ubuntu wg-quick down changes config file (...if SaveConfig = true defined inside....)

I was wondering why always my dynamicdns inside the Endpoint definition got changed to my actual used IP inside of my .conf-file right after the command "wg down".

Pretty annoying after next IP-change at my Router on the other Peer...

see: http://manpages.ubuntu.com/manpages/focal/en/man8/wg-quick.8.html

  [Interface]
           Address = 10.192.122.1/24
           Address = 10.10.0.1/16
           **SaveConfig = true**
           PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
           ListenPort = 51820

           [Peer]
           PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
           AllowedIPs = 10.192.122.3/32, 10.192.124.1/24

           [Peer]
           PublicKey = TrMvSoP4jYQlY6RIzBgbssQqY3vxI2Pi+y71lOWWXX0=
           AllowedIPs = 10.192.122.4/32, 192.168.0.0/16

           [Peer]
           PublicKey = gN65BkIKy1eCE9pP1wdc8ROUtkHLF2PfAqYdyYBz6EA=
           AllowedIPs = 10.10.10.230/32

Just below is written: ...blabla... and that SaveConfig' is set to true', indicating that the configuration file should be saved on shutdown using the current status of the interface.....

So the Solution is: Put a "#" in front to uncomment or delete the "SaveConfig" Line... ;-)

Best regards. fckptn

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 fckptn

Related Questions