Hello all,
I was just testing WireGuard and I want to disable it so nobody can connect. No matter what I try, I can still connect (even though traffic doesn't flow).
1. Disabled FW rules allowing external traffic across 51820 (WAN Rule)
2. Disabled FW rules under WireGuard to allow all traffic once connected
3. Under VPN -> WireGuard, unchecked the box that says Enable WireGuard
No matter what, I can still connect with the WireGuard client (Windows). It connects, but because the rules are disabled, there's no traffic. I can connect both externally and internally.
Am I missing something here?
Thanks!
It turns out I don't know how WireGuard works.
After looking more at the firewall logs, traffic to 51820 UDP is blocked when the rules are disabled.
I didn't realize WireGuard was stateless and even though it says connected in the client, it doesn't mean anything. You're either getting traffic back or not.
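
Since the client's "connected" status says nothing about whether a handshake completed, the reliable check is the peer's last handshake time on the server side. The script below is an added example, not part of the original posts: it classifies peers from the output of `wg show <iface> latest-handshakes`. The interface name `wg0`, the 180-second staleness threshold, and the placeholder keys in the sample are assumptions.

```shell
#!/bin/sh
# Classify WireGuard peers from `wg show <iface> latest-handshakes` output.
# Each input line: <peer-public-key><TAB><unix-time-of-last-handshake>; 0 = never.
# On a live system (wg0 is an assumed interface name):
#   wg show wg0 latest-handshakes | wg_peer_state "$(date +%s)"

# Seconds after which a handshake is treated as stale. 180 is an assumed
# default chosen to match WireGuard's session lifetime; override via MAX_AGE.
MAX_AGE=${MAX_AGE:-180}

# Print one line per peer: key, state (never/stale/active), and handshake age.
wg_peer_state() {
    now=$1
    awk -F '\t' -v now="$now" -v max="$MAX_AGE" '
        NF < 2          { next }                       # skip malformed lines
        $2 == 0         { print $1 "\tnever"; next }   # no handshake has completed
        now - $2 > max  { print $1 "\tstale\t" (now - $2) "s"; next }
                        { print $1 "\tactive\t" (now - $2) "s" }
    '
}

# Count peers holding a live session; 0 means nobody is really connected,
# whatever the client UI shows.
active_peer_count() {
    wg_peer_state "$1" | awk -F '\t' '$2 == "active"' | wc -l | tr -d ' '
}

# Constructed sample input (placeholder keys, not real ones).
sample_handshakes() {
    printf 'PEER_A_PUBKEY_PLACEHOLDER=\t1700000000\n'
    printf 'PEER_B_PUBKEY_PLACEHOLDER=\t1699990000\n'
    printf 'PEER_C_PUBKEY_PLACEHOLDER=\t0\n'
}

# Demo run against the constructed sample with a fixed "now".
sample_handshakes | wg_peer_state 1700000060
```

A peer whose UDP packets to 51820 are dropped by the firewall shows up as `never` or `stale` here even while the Windows client reports the tunnel as active.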