Jump to content
TorGuard
  • 0

Silly issue that is not important but drives me nuts (Linux Mint)

Rate this question


torguard_user_debian

Question

torguard_user_debian

This has been going on for about 6 months.  I had my hopes up that it would go away with the newest release 4.6.0 (Debian).

Basically what is happening is that anytime I suspend my laptop / close the lid, or put it into hibernation when I go to use my machine again -- Torguard client will be stuck with the status of "reconnecting".  I have to manually click disconnect, and then connect.  It will then connect and work as normal.  I don't know if this has been reported or not.   Any ideas are helpful and thank you.

 

 

 

Link to post
Share on other sites

14 answers to this question

Recommended Posts

  • 0
Ashutosh

I, too, face this problem on Fedora 33 sometimes, I am using wireguard. I could be wrong but I think this is because wireguard configs expire — I believe you are using wireguard as well. What I mean is that if I am (or my network to be more specific) inactive for a while, my wireguard config would expire, so I must reconnect which (I suppose) generates a new config and downloads it for further use. You can confirm this by changing your config to use OpenVPN instead.

Link to post
Share on other sites
  • 0
torguard_user_debian

@Ashutosh  that sounds about right, and yes I am using wireguard.   Couldn't they just introduce something to the client so it will recognize when the computer is waking up? Disconnecting/Reconnecting without the user even having to think about it?  I mean the reconnecting happens in like 3 seconds.  No reason it couldn't be automated.

Just saying.....................

Link to post
Share on other sites
  • 0
Support
2 hours ago, torguard_user_debian said:

@Ashutosh  that sounds about right, and yes I am using wireguard.   Couldn't they just introduce something to the client so it will recognize when the computer is waking up? Disconnecting/Reconnecting without the user even having to think about it?  I mean the reconnecting happens in like 3 seconds.  No reason it couldn't be automated.

Just saying.....................

 

Hey there,

We are looking into this right now - just to be sure, this only happens with wireguard for you?

Regards

Link to post
Share on other sites
  • 0
torguard_user_debian

@Support_Staff   -  To answer your question, no.  I just tested it and it happens with all 3; OpenConnect, OpenVPN, and Wireguard.  Generally Wireguard is all that I use.

Link to post
Share on other sites
  • 0
Support
1 hour ago, torguard_user_debian said:

@Support_Staff   -  To answer your question, no.  I just tested it and it happens with all 3; OpenConnect, OpenVPN, and Wireguard.  Generally Wireguard is all that I use.

 

Thanks, its an open issue on our bug tracker and we are looking into it.

Link to post
Share on other sites
  • 0
19807409

@torguard_user_debian just read it, what I miss on your description is, when you wake up your pc, are you connected over wireguard to torguard or not?

I ask this because it kinda is logical what happens (if I am right) and it is simply a GUI issue.

In difference to other protocols, wireguard is in fact connection-less protocol. It means, after you wake up, you still should be connected over wireguard (you can check it with: wg show).

Based on above explanation, it could be the case, that TorGuard client does not check this connection properly and shows as disconnected, I remember I had this sometimes during beta on my debian.

TorGuard client itself has different routines for different protocols and I guess there is some bug in it, where I do not remember anymore if that happens on ubuntu 18/20.04, but would assume it does.

I guess you can't do anything more than simply wait for client update where this issue is fixed. For the case that you sleep too long and your peer gets invalidated on torguard side (I think now it is 24 hours or so), then I believe application would indeed reconnect.

Everything above is just my first tough about the issue you described, I neither can confirm or deny it, but please verify if you are connected despite TorGuard app showing you reconnecting.. (all of that is valid just for wireguard, if you use other protocols, you are disconnected, wireguard is here a little bit more advanced :) )

Link to post
Share on other sites
  • 0
torguard_user_debian

Screenshot food-for-thought.  Hope this helps.  Also the client behaves 1 of 2 ways when waking up.  It will either display "Connected"  when it simply is not and the computer can not ping out.   Or it displays "Reconnecting"  where it is stuck in a loop and never actually connects until the user clicks disconnect and then clicks connect manually.  This screenshot it is displaying "Connected" however it is not. (just woke up from pm-suspend)   Oh also this is a laptop with a wifi connection if that makes any differencewireguard_issues.thumb.png.68a4052894a8a0be5ebe646a684403e5.png

 

 

Link to post
Share on other sites
  • 0
19807409
8 hours ago, torguard_user_debian said:

Screenshot food-for-thought.  Hope this helps.  Also the client behaves 1 of 2 ways when waking up.  It will either display "Connected"  when it simply is not and the computer can not ping out.   Or it displays "Reconnecting"  where it is stuck in a loop and never actually connects until the user clicks disconnect and then clicks connect manually.  This screenshot it is displaying "Connected" however it is not. (just woke up from pm-suspend)   Oh also this is a laptop with a wifi connection if that makes any differencewireguard_issues.thumb.png.68a4052894a8a0be5ebe646a684403e5.png

 

 

thanks for sharing the screenshot, it indeed confirms my thoughs. What happens here is clear, but what is not clear to me is why you say that ping etc. does not work, if you wait for 60 seconds after your pc woke up, then running wg show and trying to ping, does it result in no ping at all?

I ask this, because I would assume that when next/new handshake approach is done, you will see if handshake works. According to what you posted, if there is no ping etc.. it would mean handshake fails or that your IP address (internal 10....) is not anymore dedicated to your public key (WAhp....). Where again, it should be 24 hours validity meaning that if you wake up within 24 hours your wireguard should connect.

TorGuard client has not much to do with it actually, only point of how it shows the status, where reconnecting is probably wrong, please enable logging and send it to torguard support, because reconnecting should simply bring the interface down and up again and if you look up what TorGuard client does, you will see that it creates always a new keypair when connecting and it is done by the api, here is some description which needs also to be updated (will do it when I got time). You can try it out manually, create wireguard interface and launch wireguard using the api, then hinbernate/sleep, then wake up. On Linux I can confirm you that you will be permanently connected assumed wireguard runs on boot and as it is connection-less protocol, there is no much need for jobs restarting the interface. Also, when you restart your interface, other clients connected to you will not get disconnected immediately as it happens with other protocols.

I also remember with beta client, when I woke the pc from sleep in linux (tried back then on debian 10 and ubuntu 20.04) and TorGuard client did tell me RECONNECTING... but I was already connected due to nature of wireguard protocol. I never tested it on windows, or better said never inspected debug/log of TorGuard client on windows, but if you enable logging you should clearly see there what is going on.

For TorGuard, I guess they should take a closer look on how their applications reports the status, I am sure they will get this quickly sorted as this can be resolved in many different, simple ways.

For you, I guess it is important to stay connected, you might try the API and original client on windows to see if same issue persists with original client, where keep in mind please, TorGuard client uses original wireguard, meaning the result should actually be the same.

Hope this helps

EDIT: By mistake I assumed you use windows, I see you wrote debian, sorry for confusion, in this case you should be permanently connected despite your client telling you RECONNECTING... this is how it worked for me on debian and ubuntu

Link to post
Share on other sites
  • 0
torguard_user_debian

Thank you for all that good info.  I will definitely enable logging and look into details.  I am unfortunately tied up for 2 days,  I will get right on this as soon as I am able.

Link to post
Share on other sites
  • 0
torguard_user_debian

I just wanted to follow up this post.  With a bit of monitoring and utilizing all of the information provided above.  I have discovered that waiting 40-45 seconds after waking the computer from pm-suspend, it successfully reconnects!  I am using the exact same version (current) listed above and have made no system changes.  This 45 second waiting period is something I never noticed, because I was clicking disconnect / connect after waking the computer......being impatient.  I hope this helps anyone experiencing this same issue. 

Also this is with a wifi connection on a laptop.  No testing was performed on a ethernet connection.

  • Like 1
Link to post
Share on other sites
  • 0
19807409
21 hours ago, torguard_user_debian said:

I just wanted to follow up this post.  With a bit of monitoring and utilizing all of the information provided above.  I have discovered that waiting 40-45 seconds after waking the computer from pm-suspend, it successfully reconnects!  I am using the exact same version (current) listed above and have made no system changes.  This 45 second waiting period is something I never noticed, because I was clicking disconnect / connect after waking the computer......being impatient.  I hope this helps anyone experiencing this same issue. 

Also this is with a wifi connection on a laptop.  No testing was performed on a ethernet connection.

I maybe would add one simple correction which is I guess important to understand. When you write "it successfully reconnects!", then it means you were disconnected. With wireguard, you are kinda not disconnected, either there is a handshake or there is no handshake. Assume server is off for a day, your client would try the handshake as long as active.

Why I actually point to this here is because it is kinda logical understanding connect-reconnect-disconnect etc.. and when your PC is off then it is logically disconnected, then people logically want to setup different disconnect scenarios etc.. . But wireguard is connection-less protocol and it is pretty full of different features, one most important is it is available on all platforms and the second one is how easy it is to configure and by that I mean complex configuration which would take a lot more efforts with other vpn protocols. As example, you have a home pc connected to torguard, but you would like to be also permanently connected with other devices. This can be done with TorGuard client, what you can not do is as example adding other peers, lets say, you add to your home pc additional peer of your mobile phone and to your phone additional peer to your pc (all in same config which connects to wireguard). By that you can easily setup your own network which communicates directly with all your peers and uses torguard for internet. In your home network where your pc is connected and permanently connected to torguard, you can use same config to actually to be a gateway for all other wireguard clients in your home network (which you can access also separately from torguard in case you want). Like with scripts, there is I guess endless number of use cases. I pointed just simple examples.

Now taking those complex scenarios and maybe involving additional server. When any of those servers is restarted, or peers, they would still be connected to every other peer (considered gateway works) and as soon as restarted device gets online, handshake is done and that is it, you do not need any scripts for like you say connect/reconnect.

For more info about wireguard, best to read directly at wireguard, here is simple protocol description: https://www.wireguard.com/protocol/

Link to post
Share on other sites
  • 0
torguard_user_debian
18 hours ago, 19807409 said:

I maybe would add one simple correction which is I guess important to understand. When you write "it successfully reconnects!", then it means you were disconnected. With wireguard, you are kinda not disconnected, either there is a handshake or there is no handshake. Assume server is off for a day, your client would try the handshake as long as active.

Why I actually point to this here is because it is kinda logical understanding connect-reconnect-disconnect etc.. and when your PC is off then it is logically disconnected, then people logically want to setup different disconnect scenarios etc.. . But wireguard is connection-less protocol and it is pretty full of different features, one most important is it is available on all platforms and the second one is how easy it is to configure and by that I mean complex configuration which would take a lot more efforts with other vpn protocols. As example, you have a home pc connected to torguard, but you would like to be also permanently connected with other devices. This can be done with TorGuard client, what you can not do is as example adding other peers, lets say, you add to your home pc additional peer of your mobile phone and to your phone additional peer to your pc (all in same config which connects to wireguard). By that you can easily setup your own network which communicates directly with all your peers and uses torguard for internet. In your home network where your pc is connected and permanently connected to torguard, you can use same config to actually to be a gateway for all other wireguard clients in your home network (which you can access also separately from torguard in case you want). Like with scripts, there is I guess endless number of use cases. I pointed just simple examples.

Now taking those complex scenarios and maybe involving additional server. When any of those servers is restarted, or peers, they would still be connected to every other peer (considered gateway works) and as soon as restarted device gets online, handshake is done and that is it, you do not need any scripts for like you say connect/reconnect.

For more info about wireguard, best to read directly at wireguard, here is simple protocol description: https://www.wireguard.com/protocol/

 

 

All of this information is very good and thank you for sending it my way.  I really hope this post helps others.  

 

If the mods can mark this as resolved please do.   

 

Thanks again!

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...