Sometimes AmneziaWG didn't complete handshakes

Question

Sometimes AmneziaWG didn't complete handshakes

Closed this issue 25 days ago · 14 comments

Describe the bug
I use AmneziaWG on iOS and Windows with Cloudflare WARP. Sometimes when I connect, I don't have connection. In log files I see message: Sending handshake initiation and then Handshake did not complete aftr 5 seconds, retrying. I changed Jc, Jmin, Jmax and other integers but it doesn't help. Sometimes it works, but sometimes not. Can you fix it?

To Reproduce
Steps to reproduce the behavior:

Go to 'Amnezia WG'
Click on 'Connect'
No completion of handshake sometimes

Expected behavior
Handshake completion every time I connect.

Log files
Attach log files to help explain your problem.

Screenshots

Desktop (please complete the following information):

OS:, Windows 7 SP1
Version [e.g. 1.0.0]

Smartphone (please complete the following information):

Device: iPhone 13 mini
OS: iOS 16
Version 1.0.1 (6)

Answer 1 · 2024-09-04T08:08:05.000Z

I used many settings, many VPN providers and problem exists. I don't know why, but sometimes handshake doesn't complete.

Answer 2 · 2024-09-04T09:17:31.000Z

Hello. Thank you for your message.
Could you please clarify some statements from your message?

The issue appears more on Cellular data (internet) or Home (ISP) internet? Is it the same with all providers?
What do you mean by this: > many VPN providers and problem exists
Am I right that you are using WARP config with AmneziaWG app?

Answer 3 · 2024-09-04T09:22:05.000Z

Hello. Thank you for your message. Could you please clarify some statements from your message?

The issue appears more on Cellular data (internet) or Home (ISP) internet? Is it the same with all providers?

What do you mean by this: > many VPN providers and problem exists

Am I right that you are using WARP config with AmneziaWG app?

Cellular and Home, the same.
Many VPN-providers (Cloudflare WARP, ProtonVPN and others) with Wireguard-configs and AmneziaWG-improvements.
Wireguard-config with AmneziaWG-improvements (Jc and others) in AmneziaWG for iOS and Windows.
90% of connections is successful, but I have problem with handshake in 10% of connections.
To reproduce this you can make config and connect-disable connect-connect again and sometimes you will see, that internet is down and in journal you'll see, that handshake isn't successful. Hope, you will find this and fix. Thanks!

Answer 4 · 2024-09-04T09:27:53.000Z

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

Answer 5 · 2024-09-04T09:30:23.000Z

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

I've updated my comment from above. No, I haven't tried using any VPS server, just some free VPN-providers. If it is a problem with Cloudflare WARP, so, why it exists with ProtonVPN Wireguard config also?

Answer 6 · 2024-09-04T09:37:43.000Z

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

I've updated my comment from above. No, I haven't tried using any VPS server, just some free VPN-providers. If it is a problem with Cloudflare WARP, so, why it exists with ProtonVPN Wireguard config also?

Because of DPI in Russia. They are trying to block Wireguard protocol and all VPN providers. We suggest you to try AWG self-hosted solution.

Answer 7 · 2024-09-04T09:48:58.000Z

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

I've updated my comment from above. No, I haven't tried using any VPS server, just some free VPN-providers. If it is a problem with Cloudflare WARP, so, why it exists with ProtonVPN Wireguard config also?

Because of DPI in Russia. They are trying to block Wireguard protocol and all VPN providers. We suggest you to try AWG self-hosted solution.

It's strange, that 90% of connections is successful. Isn't it the problem with the AmneziaWG app?

Answer 8 · 2024-09-04T09:54:26.000Z

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

I've updated my comment from above. No, I haven't tried using any VPS server, just some free VPN-providers. If it is a problem with Cloudflare WARP, so, why it exists with ProtonVPN Wireguard config also?

Because of DPI in Russia. They are trying to block Wireguard protocol and all VPN providers. We suggest you to try AWG self-hosted solution.

It's strange, that 90% of connections is successful.

What do you mean by this?

Answer 9 · 2024-09-04T09:57:15.000Z

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

I've updated my comment from above. No, I haven't tried using any VPS server, just some free VPN-providers. If it is a problem with Cloudflare WARP, so, why it exists with ProtonVPN Wireguard config also?

Because of DPI in Russia. They are trying to block Wireguard protocol and all VPN providers. We suggest you to try AWG self-hosted solution.

It's strange, that 90% of connections is successful.

What do you mean by this?

When I use any config with AmneziaWG 90% of handshakes (connect-disable connect-reconnect) is successful. But handshake isn't successful with 10% of connections. So, is that mean, that problem can be with AmneziaWG?

Answer 10 · 2024-09-04T10:01:19.000Z

What

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

I've updated my comment from above. No, I haven't tried using any VPS server, just some free VPN-providers. If it is a problem with Cloudflare WARP, so, why it exists with ProtonVPN Wireguard config also?

Because of DPI in Russia. They are trying to block Wireguard protocol and all VPN providers. We suggest you to try AWG self-hosted solution.

It's strange, that 90% of connections is successful.

What do you mean by this?

When I use any config with AmneziaWG 90% of handshakes (connect-disable connect-reconnect) is successful. But handshake isn't successful with 10% of connections. So, is that mean, that problem can be with AmneziaWG?

As I understood, you are using Wireguard protocol configs of different VPN providers. As I have told you before, Russian DPI software/hardware is trying to block Wireguard protocol and all VPN providers. We suggest you try AWG protocol. AWG has been created on top of Wireguard with some obfuscation features.

Answer 11 · 2024-09-04T10:09:50.000Z

What

@kda2495
Am I right that you are using self-hosted solution for AWG protocol?
Did you try to install and connect to any VPS server with AWG protocol through AmneziaVPN app?

I've updated my comment from above. No, I haven't tried using any VPS server, just some free VPN-providers. If it is a problem with Cloudflare WARP, so, why it exists with ProtonVPN Wireguard config also?

Because of DPI in Russia. They are trying to block Wireguard protocol and all VPN providers. We suggest you to try AWG self-hosted solution.

It's strange, that 90% of connections is successful.

What do you mean by this?

When I use any config with AmneziaWG 90% of handshakes (connect-disable connect-reconnect) is successful. But handshake isn't successful with 10% of connections. So, is that mean, that problem can be with AmneziaWG?

As I understood, you are using Wireguard protocol configs of different VPN providers. As I have told you before, Russian DPI software/hardware is trying to block Wireguard protocol and all VPN providers. We suggest you try AWG protocol. AWG has been created on top of Wireguard with some obfuscation features.

No, you've understood wrong) So, for example, I make a config of Cloudflare WARP, then I modify it with Jc = 3, Jmin = 40, Jmax = 70 and other recommendated integers. Then I import it in AmneziaWG app and everything works in 90 percents (handshake is successful). But sometimes, when I connect with AmneziaWG, handshake don't complete. I don't use Wireguard, only AmneziaWG apps for iOS and Windows.

Answer 12 · 2024-09-04T10:24:57.000Z

This is what I see on AmneziaWG on Windows. To reproduce this, you should connect-disconnect-connect for some time (10 maybe). And you will see, that AmneziaWG tries to make handshake with server and didn't complete it. If you want, I can make config of Cloudflare WARP to test and reproduce this bug. Also I see this bug on iOS with AmneziaWG app.

Answer 13 · 2024-09-04T10:59:08.000Z

This is what I see on AmneziaWG on Windows. To reproduce this, you should connect-disconnect-connect for some time (10 maybe). And you will see, that AmneziaWG tries to make handshake with server and didn't complete it. If you want, I can make config of Cloudflare WARP to test and reproduce this bug. Also I see this bug on iOS with AmneziaWG app.

Did you try native AWG protocol?

Answer 14 · 2024-09-04T11:00:14.000Z

So, I've fixed it. Maybe it will be help:
When you connect to any server it generates ListenPort. With Cloudflare WARP ListenPort is random. When my ListenPort is 60060, 65008 and some others it doesn't make handshakes. But when I changed in my .conf file string ListenPort to 63399, it works and all handshakes complete.
So, if you have problem like peer(bmXO…fgyo) - Retrying handshake because we stopped hearing back after 15 seconds, you should hardcode a port to listen (such as 63399)