WG VPN setup not returning data to client

erictpowersoft.ca · Dec 24, 2022, 5:48 PM

I had a WG setup that worked great until my pfSense hardware crashed. Rebuilt on an old Dell box now; everything except WG is working. Data seems to flow from peer through WG to internet, but data coming back looks to be blocked and I can't figure out why. My WG is assigned to interface OPT1 (static IP4 192.168.47.1/24), and I have firewall rule for OPT1 passing any to any. In WAN rules I have allow UDP port 51820.
My client is android (allowed IP=192.168.47.106/32); updated public keys because of new tunnel.
What am I missing?

erictpowersoft.ca · Dec 24, 2022, 7:40 PM

@erictpowersoft-ca - PS: My OPT1/Wireguard interface shows many packets received, 0 packets sent.

erictpowersoft.ca · Dec 27, 2022, 10:04 PM

Previous use of the old Dell box used a third NIC on OPT1 with Captive Portal. The NIC was removed, which freed up OPT1, but Captive Portal was still active, and then interfered with WireGuard on the OPT1 interface. Removing Captive Portal made it work.

simmarn · Dec 28, 2022, 8:03 AM

Sounds like Outbound NAT is missing. https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-client.html#outbound-nat