`fly ssh` fails with error: "tunnel unavailable" ... "timed out (context deadline exceeded)"

Questions / Help
,
1 
user@Mac-001 ~/1/myapp (main) [1]> fly ssh console -a myapp
Connecting to tunnel 🌏Error: tunnel unavailable: Error contacting Fly.io API when probing "personal": timed out (context deadline exceeded)

All SSH sessions for this app have frozen and I can’t SSH back in, even after redeploying the app.

There’s no indication that anything is wrong either on the status page or my own dashboard.

Apparently, there used to be similar bugs in the past (e.g. one, two) but that was 3+ years ago.

I’m stumped. Any ideas?

PS: this was working 1h ago and for the past several weeks, so fly doctor isn’t super useful here.

user@Mac-001 ~/1/myapp (main) [1]> fly doctor
Testing authentication token... PASSED
Testing flyctl agent... PASSED
Testing local Docker instance... Nope
Pinging WireGuard gateway (give us a sec)... FAILED
(Error: ping gateway: no response from gateway received)

We can't establish connectivity with WireGuard for your personal organization.

WireGuard runs on 51820/udp, which your local network may block.

If this is the first time you've ever used 'flyctl' on this machine, you
can try running 'flyctl doctor' again.

If this was working before, you can ask 'flyctl' to create a new peer for
you by running 'flyctl wireguard reset'.

If your network might be blocking UDP, you can run 'flyctl wireguard websockets enable',
followed by 'flyctl agent restart', and we'll run WireGuard over HTTPS.

Running flyctl wireguard reset didn’t work either. It just hangs.

user@Mac-001 ~/1/myapp (main)> flyctl wireguard reset
? Select Organization: REDACTED (personal)
Error: websocket: failed to WebSocket dial: failed to send handshake request: Get "https://cdg1.gateway.6pn.dev:443/": dial tcp 176.58.90.244:443: connect: operation timed out

Running wireguard over HTTPS also does not work. Very confusing.

user@Mac-001 ~/1/myapp (main)> flyctl wireguard websockets enable
user@Mac-001 ~/1/myapp (main)> flyctl agent restart
user@Mac-001 ~/1/myapp (main)> fly doctor
Testing authentication token... PASSED
Testing flyctl agent... PASSED
Testing local Docker instance... Nope
Pinging WireGuard gateway (give us a sec)... PASSED
Testing WireGuard DNS... PASSED
Testing WireGuard Flaps... FAILED
(Error: wireguard dialer: failed to dial _api.internal: connect tcp [fdaa:0:3ca8::3]:4280: connection was refused)

We can't access Flaps via a WireGuard tunnel into your personal organization.
This is likely a platform issue, please contact support.
2

I cloned the volume from PAR to FRA, then started a new machine in FRA with the cloned volume attached. And I still can’t connect!

user@Mac-001 ~/1/myapp (main) [1]> fly ssh console --machine abcde12345 -a myapp
Connecting to tunnel 🌏Error: tunnel unavailable: Error contacting Fly.io API when probing "personal": timed out (context deadline exceeded)

Same error when trying to SSH into any other app in this org. So this isn’t an app-level or even a regional problem. It’s somehow tied to my entire organization…