Wireguard handshake

[Ray]

Hello Dear Members!

For several months I can’t deal with Wireguard. And this begins to drive me crazy.
It seems to me that I tried all the manuals on the Internet.

In the end, I settled on this:
https://github.com/opnsense/docs/blob/master/source/manual/how-tos/wireguard-client.rst
Everything is done as described.
But the handshake only occurs if I am on the same wifi-network with the WG server. And everything works great.

If I plunge from a mobile network, handshakes do not happen.
WAN-rule passed.
The client is trying to make a handshake, and nothing happens further.

Help me please how to find out what is the problem?

[Ray]

Screens

[Greelan]

You will need to post your actual configs on OPNsense and mobile phone. The screenshots above give very little useful info

BTW, the web version of the how-to is easier on the eye xD

https://docs.opnsense.org/manual/how-tos/wireguard-client.html

[Ray]

Configs

[Greelan]

Looks OK

Is unbound actually listening on the WG interface? You've specified that for DNS on the mobile

What about your WAN rule and WG interface rules?

[Ray]

Adhuardhome listens to all interfaces. I have OpenVPN servers and they will resolve without problems.
And when I am in one WiFi network and a handshake occurs, Adguardhome resolving a WG client "192.168.33.10"

Interface Wg is on.

[Greelan]

Have you applied that second rule? The screenshot still says it hasn't been applied

[Greelan]

And your WG subnet is totally different to your LAN, right? No overlapping subnets?

[Ray]

Yes, the rule are applied.
I moved it up from the inactive for the screenshot and not to apply it

Subnets are not overlapping. I think I could not connect to WG from the home network if the subnets overlapping.

[Ray]

Netstat

[spyware-avoidance]

I have been experiencing the same thing. The issue is that mine works once in a while, for example, if I make a change in OPNsense, and then go back and restore settings (to undo the change), then WireGuard works from external network. Then after a while it will not work no matter what.
I'm new to OPNsense, so I have done steps in the documentation several times, and WireGuard just works randomly, and it doesn't work more often than it does work.
This is an issue I have been experiencing since I started using OPNsense, so something is probably wrong with the server itself, or the way configuration are applied. I have other services running, so I suppose the firewall rules work, because I do not have any issues with those.
I was just about to hook up a darn RaspberryPi to the router and just do a NAT port forward, because I can't seem to figure out what is going on with Wireguard in OPNsense.
Edit: rebooting OPNsense does not make a difference, only if I revert a change under the system menu, and even then it only lasts for a while before it stops working again.