26
[Fixed] Weird Wireguard issues I could use some help with. (lemmy.procrastinati.org)
submitted 10 months ago* (last edited 10 months ago) by SeeJayEmm@lemmy.procrastinati.org to c/selfhosted@lemmy.world
29 comments fedilink hide all child comments

I've hit a wall with a weird Wireguard issue. I'm trying to connect my phone (over cell) to my home router using wireguard and it will not connect.

  • The keys are all correct.
  • The IPs are all correct.
  • The ports are open on the firewall.
  • My router has a public IP, no CGNAT.

The router is opnsense, I have a tcpdump session going and when I attempt a connection from the phone I see 0 packets on that port. I am able to ping the router and reach the web server sitting behind it from the phone.

I have a VPS that I configured WG on and the phone connects fine to that. I also tested configuring the VPS to connect to my home router and that also works fine.

I'm really at a loss as to where to go next.

Edit 2: I completely blew out the config on both sides and rebuilt it from scratch, using a different UDP port, and it all appears to be working now. Thanks for everyone's help in tracking this down.

Edit: It was requested I provide my configs.

opnsense:

####################################################
# Interface settings, not used by `wg`             #
# Only used for reference and detection of changes #
# in the configuration                             #
####################################################
# Address =  172.31.254.1/24
# DNS =
# MTU =
# disableroutes = 0
# gateway =

[Interface]
PrivateKey = 
ListenPort = 51821

[Peer]
# friendly_name = note20
PublicKey = 
AllowedIPs = 172.31.254.100/32

Android:

[Interface]
Address = 172.31.254.100/32
PrivateKey = 

[Peer]
AllowedIPs = 0.0.0.0/32
Endpoint = :51821
PublicKey =
you are viewing a single comment's thread
view the rest of the comments
[-] hungover_pilot@lemmy.world 2 points 10 months ago

If your VPS can connect to your home router as a client it sounds like your wireguard server on opnsense is working correctly.

Might be a problem with your phones WG config. Have you tried taking the client .conf file from your VPS and loading it onto your phone to test a working config file?

[-] SeeJayEmm@lemmy.procrastinati.org 1 points 10 months ago

I didn't think the wg-quick conf is compatible but I'll look into that in the am.

[-] lemming741@lemmy.world 0 points 10 months ago* (last edited 10 months ago)

For the love of all that is holy

At least change the interface IP. I multiboot my laptop and when I copied a wg.conf being lazy, the server basically ignored the newer client. I had to boot back into the OG OS and add a peer via ssh. I'm still learning wg but don't count on clones interfaces working.

[-] SeeJayEmm@lemmy.procrastinati.org 1 points 10 months ago

All I meant was, it hadn't occurred to me that the android app and wg-quick used the same file format. I can certainly give this a try.

this post was submitted on 20 Dec 2023
26 points (93.3% liked)

Selfhosted

39677 readers
250 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz