@michmoor When I initially set up the account, I falsely assumed the fiber network would be 300 down, 300 up since it is fiber. I had the same set up at a previous location. Turned out it is actually 300 down, 10 up. As usual, the issue was PEBKAC, as I did not do my due diligence researching the ISPs in the area.

@bob-dig yes, I am now using different listen ports on the 2 mullvad tunnels. Hopefully that resolves the issue.

I find the problem. In the Wireguard Setting, I need to add the DNS IP in both [Interface]DNS and [Peer]AllowedIPs Also, I need to add rule to pass the traffic to the Wireguard IP [Interface] DNS = 10.1.1.1 [Peer] AllowedIPs = 192.168.2.20/32, 10.1.1.1/32

@mikegnd98 said in Wireguard using a virtual private provider (IVPN) and LAN access: which is weird because it doesn't sound that complex. It is not and what you want should work anyway. You can use a VPN for all your outgoing traffic and still connect with your phone to your own VPN server at home, so not sure what your real problem is.

@frodet Here. There is something already but it is closed for no good reason in hindsight. Reading the comments, maybe disabling the keepalive helps...

I have the same problem, i did install again pfsense and do it manually and today i did understand that wireguard was the problem. I had no other option and i remove that package. Wireguard was messing with my pppoe connection for going up/dpinger sometimes one peer would not work etc etc..uff

@sensewolf Okay, found the error: At the remote end, I allow all IPs through the wireguard tunnel. But I incorrectly provided this as 0.0.0.0/24 instead of 0.0.0.0/0. After changing this, the tunnel became stable.

@davidstoll [image: 1666990621007-421998a0-1f2b-4989-a4bc-30284dfab657-image.png] Peer Network <-----WG Tunnel------> Host Network 172.16.11.0 10.6.210.0 192.168.10.0 Peer LAN Gateway | Peer Tunnel Gateway <-----WG Tunnel------> HostTunnel Gateway | Host LAN Gateway 172.16.11.1 10.6.210.2 10.6.210.1 192.168.10.1 Peer Static Route 192.168.10.0 | Gateway: 10.6.210.1 Host Static Route 172.16.11.0 | Gateway: 10.6.210.1

Yes, it is possible. Follow this guide https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html Then add these configurations that I posted on this thread. https://forum.netgate.com/topic/175495/wireguard-22-05-4100

Update: I changed the system tunables parameters to [image: 1666110268322-65ad22cb-f9a0-4507-8953-2c6ad142c52e-image.png] and the speed has increased about 2x. 250 down/up. Still not maxing out my full CPU though. Any ideas?

@itestandroid Did you ever figure this out?