WireGuard on Windows: Unable to create Wintun interface: Error registering rings: Error listing NDIS interfaces: no interfaces found

[Simon Rozman]

Hi,

> I have installed WireGuard on Windows server 2017. When I manually
> activate the tunnel through the client application (manager) all works
> fine. After I restart the computer, WireGuard fails to start
> automatically. The log contains the following error:
> 
> [tun] [wg0] Unable to create Wintun interface: Error registering
> rings: Error listing NDIS interfaces: no interfaces found
> 
> I can explicitly/manually activate the tunnel through the client
> application but I need the tunnel to start automatically if the machine
> restarts.
> 
> I have it installed in other Windows Server 2017 machines and on those
> machines WireGuard starts automatically when the system boots.
> 
> I would appreciate your help in addressing the problem of WireGuard auto
> start when the machine boots.

Looks like the WireGuard tunnel service is started too early on this particular computer - even before Windows networking (NDIS).

We need to investigate, which additional service or resource we need to make the Wireguard tunnel services depend on.

I would suggest you to change the WireGuard Manager and Tunnel services startup to Automatic (Delayed), but I am afraid the WireGuard Manager service deletes the tunnel services on each shutdown and recreates them on startup.

Furthermore, delayed-started services come up way after the Group Policy Client service. If you use WireGuard to remotely connect this computer to your Active Directory, the boot-time Group Policies won't apply.

So, anyway you slice it... we need to fix this in WireGuard service dependencies (or add a retry loop on boot as a last resort). Stay tuned.

Regards,
Simon