@michmoor When I initially set up the account, I falsely assumed the fiber network would be 300 down, 300 up since it is fiber. I had the same set up at a previous location. Turned out it is actually 300 down, 10 up. As usual, the issue was PEBKAC, as I did not do my due diligence researching the ISPs in the area.

@bob-dig yes, I am now using different listen ports on the 2 mullvad tunnels. Hopefully that resolves the issue.

I find the problem.

In the Wireguard Setting, I need to add the DNS IP in both [Interface]DNS and [Peer]AllowedIPs
Also, I need to add rule to pass the traffic to the Wireguard IP

[Interface]
DNS = 10.1.1.1

[Peer]
AllowedIPs = 192.168.2.20/32, 10.1.1.1/32

@mikegnd98 said in Wireguard using a virtual private provider (IVPN) and LAN access:

which is weird because it doesn't sound that complex.

It is not and what you want should work anyway. You can use a VPN for all your outgoing traffic and still connect with your phone to your own VPN server at home, so not sure what your real problem is.

@frodet Here. There is something already but it is closed for no good reason in hindsight.
Reading the comments, maybe disabling the keepalive helps...

I have the same problem, i did install again pfsense and do it manually and today i did understand that wireguard was the problem.
I had no other option and i remove that package.
Wireguard was messing with my pppoe connection for going up/dpinger sometimes one peer would not work etc etc..uff

@sensewolf

Okay, found the error:

At the remote end, I allow all IPs through the wireguard tunnel. But I incorrectly provided this as 0.0.0.0/24 instead of 0.0.0.0/0. After changing this, the tunnel became stable.

@davidstoll

421998a0-1f2b-4989-a4bc-30284dfab657-image.png

Peer Network <-----WG Tunnel------> Host Network
172.16.11.0 10.6.210.0 192.168.10.0

Peer LAN Gateway | Peer Tunnel Gateway <-----WG Tunnel------> HostTunnel Gateway | Host LAN Gateway
172.16.11.1 10.6.210.2 10.6.210.1 192.168.10.1

Peer Static Route
192.168.10.0 | Gateway: 10.6.210.1

Host Static Route
172.16.11.0 | Gateway: 10.6.210.1

Yes, it is possible.

Follow this guide
https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html

Then add these configurations that I posted on this thread.
https://forum.netgate.com/topic/175495/wireguard-22-05-4100

Update:
I changed the system tunables parameters to
65ad22cb-f9a0-4507-8953-2c6ad142c52e-image.png

and the speed has increased about 2x. 250 down/up. Still not maxing out my full CPU though. Any ideas?