Wireguard and SG-1100 - Won't Handshake
-
Has anyone had any issues with the wireguard package on an ARM powered SG-1100 appliance? I have a wireguard tunnel and peers set up on one of my pfsense installs on a x86 machine and had little issue setting that up, but I just got a SG-1100 for a family member and I can't for the life of me get a client to handshake.
-
WG is installed an enabled
-
Firewall rule on WAN to Allow UDP on 51820
-
Firewall rule on wireguard to allow from source which I have set as 10.1.15.0/24, that subnet being the subnet I chose for my WG interface
-
Hybrid NAT rule on outbound for 10.1.15.0/24 NAT address being WAN address
-
Tunnel is set up as 10.1.15.1/24
-
Peer is set up as 10.1.15.2/32
-
Macbook client is set as (keys are hidden, but public key from the Macbook client is input into the pub key of the pfsense peer, and pfsense tunnel public key is in the config below under peer pub key):
[Interface] PrivateKey = xxx Address = 10.1.15.2/24 DNS = 10.1.15.1 [Peer] PublicKey = xxx AllowedIPs = 0.0.0.0/0 Endpoint = myIPaddress:51820Tried reinstalling the package, rebooting the appliance, tried an iphone and macbook as clients, tried different ports and subnet's. I can't for the life of me get it to handshake. Anyone have any idea? Is there some weird ARM issue with this package?
-
-
This post is deleted! -
C cmcdonald moved this topic from pfSense Packages on
-
@ligistx-0 I test on several hardware platforms, including the 1100. No issues to report in regards to arm platforms.
Can you report your package versions from the WireGuard > Status page ?
WireGuard is a very quiet protocol, meaning that it won't "come alive" unless there is actually traffic to pass down the tunnel.