OPNsense Forum » Archive » 21.7 Legacy Series » Wireguard not passing UDP traffic - all UDP traffic blocked
Topic: Wireguard not passing UDP traffic - all UDP traffic blocked (Read 2758 times)
nzkiwi68
Full Member
Posts: 182
Karma: 20
Wireguard not passing UDP traffic - all UDP traffic blocked
« on: January 19, 2022, 04:32:03 am »
I've set up some site-to-site VPN tunnels using WG for a migration project from another firewall using IPSEC tunnels.
I have built specific fw rules on the "Wireguard (Group)" fw rules tab, including rules for TCP/UDP.
Citrix users running an older Citrix client can log on, but newer clients, including thin client OS, couldn't log on.
After a bit of work, I figured out that OPNsense is blocking UDP traffic. TCP and ICMP are passing just fine, but all UDP traffic is getting blocked.
Somehow, TCP and ICMP are routing up and down the WG tunnels and passing correctly through the firewall rules, but not UDP.
See the screen capture showing blocked UDP. I guarantee 100% there IS a firewall rule on the "Wireguard (Group)" fw rules tab to allow this UDP traffic, but somehow TCP and ICMP are being treated differently.
Questions
I don't have a "wg0" interface set up - do I need to add that "wg0" interface?
If I add that, do I have to give it an IP address?
Any help appreciated.
Greelan
Hero Member
Posts: 1028
Karma: 72
Re: Wireguard not passing UDP traffic - all UDP traffic blocked
« Reply #1 on: January 19, 2022, 11:35:45 am »
What do the firewall rules look like?
OmnomBánhmì
Newbie
Posts: 20
Karma: 2
Re: Wireguard not passing UDP traffic - all UDP traffic blocked
« Reply #2 on: January 19, 2022, 04:50:26 pm »
Try enabling logging on all possibly relevant firewall rules, and check the log.