Routing Gateway Problem With Wireguard and WAN

Hello Netgate community,

I recently setup wireguard on pfsense (using a vpn paid service) and it's working but it has one issue.

The Issue:

If I turn off wireguard, internet seems to go down completely. (Until I switch gateway default back to WAN)

If I turn wireguard on but with the WAN gateway set to default, my real ISP public IP is leaked. If I have wireguard on but with the wireguard gateway set to default, everything works.

Sometimes, if I reboot pfsense (for example), wireguard will turn on but internet will be down until I set WAN gateway as default gateway, then set the Wireguard gateway back to default gateway. Only then will internet work again when wireguard is started.

Gateways:

WAN gateway is set to dynamic
Wireguard gateway is set to an IP give to me by the VPN service and monitor IP is set to: 1.0.0.1

Im not 100% sure what the issue is. My hunch is maybe my routing gateway settings?

Any help would be greatly appreciated.

Thank you

@techgeek055 Here are some logs when I turn wireguard off and internet doesn't work:

gateways:

dpinger 34996 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr xxx.xxx.x.xx4 bind_addr xxx.xxx.x.x4 identifier "WAN_DHCP "

general:

Mar 10 14:17:11 kernel tun_wg0: link state changed to DOWN
Mar 10 14:17:11 php 29760 /usr/local/pkg/wireguard/includes/wg_service.inc: Configuration Change: (system): [pfSense-pkg-WireGuard] Disabled all WireGuard gateways.
Mar 10 14:17:11 check_reload_status 307 Syncing firewall
Mar 10 14:17:11 check_reload_status 307 Reloading filter
Mar 10 14:17:14 php-fpm 52299 /status_services.php: The command '/usr/local/etc/rc.d/wireguardd stop' returned exit code '1', the output was ''
Mar 10 14:19:00 sshguard 411 Exiting on signal.
Mar 10 14:19:00 sshguard 9661 Now monitoring attacks.

Anyone able to offer any recommendations?

So currently, any time the pfsense box restarts, internet goes down, or I unplug the internet cable, the pfsense box comes back up any all services run but internet is down.

Each time this happens, the only fix is to:

go to: System -> routing , then change the default gateway ip4 to one that isnt my vpn wireguard gateway, then press save. Then put it back to the VPN wireguard gateway. Then internet will work.

mcury

Check if this video can help you:

Video from Christian McDonald:
Youtube Video

@mcury will do, thank you! will update soon

@mcury didn't figure it out still. Our configs are similar, just that I use 1 wireguard instance currently. NAT outbound is different.

Another thing I noticed was that when I switch to WAN as default gateway, my IP address uses the public ISP IP address even when wireguard is on.

I'll keep digging... If I cant figure out I might switch VPN providers to mullvad...