Topic: Wireguard on Opnsense won't reply to clients after receiving incoming WG packets (Read 1565 times)
BenMc (Newbie), October 15, 2023, 08:13:23 pm
I'm trying to set up Wireguard on Opnsense 23.7.6 and I can't get WG to reply to my clients. I have a firewall rule that accepts incoming WG packets (UDP port 51820 on WAN interface) and, when I enable logging, I see firewall log messages showing that the packets arrive and are passed. (I.e., the log messages in Live View are green.)
But I never see any log messages in Wireguard. I've enabled ALL log categories in the WireGuard log file and all I ever see are messages showing start and stop of the Wireguard interface (wg1). Nothing that indicates any kind of activity like a client trying to 'log in' to WG. No errors, no debug messages, nothing... Meanwhile, the clients just retry sending the initial handshake packets over and over again.
I added 'wg1' to my interface mappings and I see 'wg1' in my interface list on the Dashboard page. So, that seems OK. I've tried Windows and Android clients and neither is able to connect.
I'm out of ideas. Any suggestions about how to fix or debug this?
Thanks.

Monviech (Cedrik) (Global Moderator), Reply #1, October 15, 2023, 09:15:47 pm
Have you added any peers to your instance? In instances you have to select the peers.
If there's still no reply, the keys might be wrong. Wireguard doesn't respond if there's no matching key.
Hardware: DEC740

BenMc (Newbie), Reply #2, October 15, 2023, 09:35:37 pm
Thanks for your reply.
Yes, I've added the peer to the server instance.
But, thanks for suggesting I check the keys. I, henceforth known as Idiot, had copied my client's private key into the public key configuration of that peer on the server.
The tunnel came right up once I fixed that. Duh.
Thanks again.