OPNsense Forum

English Forums => Virtual private networks => Topic started by: gokog on April 15, 2022, 05:35:11 AM

Title: Wireguard: OpnSense to VPS: 0 bytes received
Post by: gokog on April 15, 2022, 05:35:11 AM
I'm attempting to configure Wireguard to route traffic from a VPS to Wireguard on OpnSense. I previously had the road warrior Wireguard setup but have since removed that. I'm not looking to route outgoing traffic through Wireguard, just get incoming traffic from the VPS to route to the configured interface where I can then add firewall rules to access specific vlans, hosts, and services mostly through a reverse proxy.

After lots of debugging I'm not sure why the connection doesn't work.

I've verified that from OpnSense I can reach the public IP of the VPS and the UDP port with nc but the OpnSense Wireguard never completes a handshake.

What else should I be looking at to figure out why OpnSense cannot create the Wireguard tunnel to the VPS?

OpnSense: nc

nc -z -v -u <vps public ip> <vps wireguard port>
> Connection to *** 55298 port [udp/*] succeeded!


OpnSense: List Configuration

interface: wg0
  public key: ***
  private key: (hidden)
  listening port: 55398

peer: ***
  endpoint: ****:55298
  allowed ips: 192.168.100.0/24
  transfer: 0 B received, 24.71 KiB sent
  persistent keepalive: every 25 seconds


OpnSense: Handshakes

wg0 *** 0


VPS: wg

interface: wg0
  public key: ***
  private key: (hidden)
  listening port: 55298

peer: ***
  allowed ips: 192.168.100.2/32