Messages - finishthepint

#1
Just wanted to add that after finding a similar thread (https://www.reddit.com/r/opnsense/comments/1fdprdn/wireguard_server_only_works_when_i_port_forward/), I was able to get things working by creating a port forwarding rule. Now I wish I could figure out why I need to create the port forwarding rule when none of the guides call that out.
#2
Update for anyone finding this thread: Creating a port forward rule finally made this work for me. I don't understand why this is needed or what it does differently since no guide I can find calls this out.

I've read every thread I can find here and followed countless guides but I still can't get WireGuard in OPNsense working. I'm trying to set up a simple "Road Warrior" setup so I can access my home network from my phone on the go. I think my problem is the WireGuard traffic isn't getting to the WireGuard instance. If I do 'tcpdump -i igc0 port 51820', I can see traffic when I initiate the connection on my client; however, if I do 'tcpdump -i wg0', I don't see anything.

Additionally, I tried to look at Firewall -> Logs -> Live View by filtering for wg0 and nothing ever shows up. I'm very new to OPNsense in case it wasn't obvious.

I've tried:
  • Double and triple checked my public/private keys and they match
  • With and without the normalization rule from the official guide
  • Using only the auto-generated outbound rules and creating a manual rule from the official guide
  • Turning "block private networks" on and off in WAN settings
  • A variety of private network addresses
  • Creating 'out' rules to mirror the 'in' rules
  • Restarting the WireGuard service
  • Different WireGuard ports

Included below are screenshots of my configuration. For what it's worth, I use the peer generator in OPNsense. I will recreate a new instance with new public/private keys after this post.
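
One way to read the WAN-side capture described in the post above, added here as an example and not part of the original thread: it classifies UDP payloads by WireGuard message type (sizes and layout per the WireGuard protocol) and lists handshake initiations that never received a response, a pattern consistent with packets showing up on igc0 while wg0 stays silent. The packet bytes are constructed samples and the function names are hypothetical.

```python
import struct

# WireGuard message types and fixed sizes (from the WireGuard protocol spec).
HANDSHAKE_INIT, HANDSHAKE_RESP, COOKIE_REPLY, TRANSPORT = 1, 2, 3, 4
FIXED_SIZE = {HANDSHAKE_INIT: 148, HANDSHAKE_RESP: 92, COOKIE_REPLY: 64}
NAMES = {HANDSHAKE_INIT: "init", HANDSHAKE_RESP: "response", COOKIE_REPLY: "cookie"}

def classify(payload: bytes) -> str:
    """Name the WireGuard message carried in one UDP payload."""
    if len(payload) < 4:
        return "not-wireguard"
    # One type byte followed by three reserved zero bytes: a little-endian u32.
    (msg_type,) = struct.unpack("<I", payload[:4])
    if msg_type in FIXED_SIZE:
        ok = len(payload) == FIXED_SIZE[msg_type]
        return NAMES[msg_type] if ok else "not-wireguard"
    if msg_type == TRANSPORT and len(payload) >= 32:  # 16-byte header + 16-byte tag
        return "data"
    return "not-wireguard"

def unanswered_initiations(packets):
    """packets: (direction, udp_payload) pairs as seen on the WAN interface,
    direction being 'in' or 'out'. Returns the sender indices of inbound
    initiations for which no outbound handshake response was captured."""
    pending = []
    for direction, payload in packets:
        kind = classify(payload)
        if direction == "in" and kind == "init":
            pending.append(struct.unpack("<I", payload[4:8])[0])
        elif direction == "out" and kind == "response":
            receiver = struct.unpack("<I", payload[8:12])[0]
            if receiver in pending:
                pending.remove(receiver)
    return pending

# Constructed sample payloads: correct type, index and length, zeroed crypto fields.
def _init(sender):
    return struct.pack("<II", HANDSHAKE_INIT, sender) + bytes(140)

def _resp(sender, receiver):
    return struct.pack("<III", HANDSHAKE_RESP, sender, receiver) + bytes(80)

BLOCKED = [("in", _init(0x11)), ("in", _init(0x12)), ("in", _init(0x13))]
WORKING = [("in", _init(0x21)), ("out", _resp(0x99, 0x21)),
           ("in", struct.pack("<I", TRANSPORT) + bytes(60))]

if __name__ == "__main__":
    print("blocked capture, unanswered:", unanswered_initiations(BLOCKED))
    print("working capture, unanswered:", unanswered_initiations(WORKING))
```

If every inbound initiation stays unanswered, the packets are not reaching the WireGuard listener, so the rules on the WAN interface are the place to look rather than anything on wg0.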