Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Wireguard is not routing any traffic

    Scheduled Pinned Locked Moved WireGuard
    44 Posts 6 Posters 12.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      matosc @Bob.Dig
      last edited by

      @bob-dig I really appreciate the help.

      I changed my config to test this more - recreated the wireguard configuration and removed the OpenVPN connections entirely.

      Still can't connect from the single device on the network that is configured with a LAN rule to only connect to the specified gateway.

      4199cc8b-6b4c-451e-83ae-c691827e0c1d-image.png

      Here is the latest config.

      478d3c3a-2604-4a79-a8aa-cd8a22af0262-image.png

      c95323e6-c34c-4413-b010-3adacb6ba67b-image.png

      9a6ac3ba-cc6d-4296-92f8-3b0eba68e61f-image.png

      25803738-db83-4f03-ad26-b50dbf859c3d-image.png

      e8796e49-577a-4966-8a44-14c174d4c914-image.png

      e21a06a6-6982-42a8-9c03-0093a108c43c-image.png

      fd524fff-7737-4dcd-817a-08e7ce3f15f7-image.png

      539cd277-4257-4bb6-bbc4-6383d971233e-image.png

      Bob.DigB 1 Reply Last reply Reply Quote 0
      • Bob.DigB
        Bob.Dig LAYER 8 @matosc
        last edited by Bob.Dig

        @matosc You could switch to Automatic Outbound NAT for now if you don't use OVPN.
        Have you given your public Key to ss in their WebUI?
        Your LAN rule has no fault?
        No rules on the WireGuard Group Interface, if it exist.

        I just got WG from pfSense to my android phone working, it took me ages... 🤢

        M 1 Reply Last reply Reply Quote 0
        • M
          matosc @Bob.Dig
          last edited by

          @bob-dig thanks for idea of turning on Automatic Outbound NAT. It's working! There must have been a hidden issue in the background. Anyway, I'm very happy that I can finally connect via WG.

          Everyone once and a while I lose WG connection and route via the WAN. This kinda sounds like what others are experiencing. Will track this topic and see if others report the same.

          1 Reply Last reply Reply Quote 0
          • Bob.DigB
            Bob.Dig LAYER 8
            last edited by Bob.Dig

            @Thisisme How is it going? How many WG-tunnels have you running with ss?

            ? 1 Reply Last reply Reply Quote 0
            • ?
              A Former User @Bob.Dig
              last edited by

              @bob-dig I have one tunnel atm. But I'm not sure about it. I have the same problem with OpenVPN and WG: several times a day I get packet loss leading to gateway shutdown. But with WG it seems more often.

              Bob.DigB J 2 Replies Last reply Reply Quote 0
              • Bob.DigB
                Bob.Dig LAYER 8 @A Former User
                last edited by Bob.Dig

                @thisisme I went crazy today and created 5 VMs, each with OpenWRT. Every VM has one WG-tunnel and all are connected to pfSense. I use these as gateways, so no more overlapping IP issues. Lets see how it goes. 😉

                1 Reply Last reply Reply Quote 0
                • J
                  Jarhead @A Former User
                  last edited by

                  @thisisme said in Wireguard is not routing any traffic:

                  @bob-dig I have one tunnel atm. But I'm not sure about it. I have the same problem with OpenVPN and WG: several times a day I get packet loss leading to gateway shutdown. But with WG it seems more often.

                  Set your Wireguard interface MTU to 1420.

                  Bob.DigB 1 Reply Last reply Reply Quote 0
                  • Bob.DigB
                    Bob.Dig LAYER 8 @Jarhead
                    last edited by Bob.Dig

                    @Thisisme With my 5 virtual OpenWRT Routers I have no problems at all, running fantastic. So it might be that ss doesn't like the pfSense implementation of WG.

                    Screenshot 2022-09-07 175309.png

                    JeGrJ 1 Reply Last reply Reply Quote 0
                    • JeGrJ
                      JeGr LAYER 8 Moderator @Bob.Dig
                      last edited by

                      @bob-dig You're living on the edge with these dummy GW IPs (1.1.1.2-7). Those are NO valid IPs from CF DNS but random services that can be on- and off at will. I'd think about better not using those if I don't exactly know where or what is behind them ;)

                      Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

                      If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                      Bob.DigB 1 Reply Last reply Reply Quote 1
                      • Bob.DigB
                        Bob.Dig LAYER 8 @JeGr
                        last edited by

                        @jegr Using them for years now without a problem but thanks for the heads up, it is only for my personal use anyway.

                        1 Reply Last reply Reply Quote 0
                        • Bob.DigB
                          Bob.Dig LAYER 8
                          last edited by Bob.Dig

                          @JeGr Apropos living on the edge. 😉

                          Screenshot 2022-09-18 161302.png

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.