WireGuard stops working after public IP change?

Started by alto, Today at 09:23:57 AM

Sometime in the night between Tuesday and Wednesday this week my public IP changed, which caused my WireGuard clients to not be able to connect. I then updated the endpoint IP, which is behind a public DNS record, to the response I get with `curl ifconfig.me` from inside the network. But even with the new IP the clients still fail the WireGuard handshake. This is strange, because I know I was using the VPN on Tuesday evening with no issues when I was out on some errands, and now I can't connect even after updating the DNS record. I've also tried restarting the WireGuard service from the dashboard several times to no effect. What's even stranger is that I can see in the WireGuard `Status` page that there are clients attempting to connect, as there is some small amount of data shown in the `Sent` column, but none in `Received`.

I found some older threads where similar behavior was discussed but no clear solutions proposed - is this a known issue with the WireGuard service/plugin in OPNsense? Or has some config changed with recent versions? I'm currently on OPNsense 25.7.11 and planning on upgrading to 26.1 on the weekend.

Right now my plan of action is to just wait until I can upgrade to 26.1 in a few days. If that doesn't fix it, do I need to uninstall the WireGuard VPN and then reinstall it again, or is there anything else I can do? This behavior is a bit worrying, and I'm not confident about switching to DDNS if the change to a new IP doesn't happen smoothly and instead results in my clients suddenly starting to fail their connections silently.

EDIT: One other suspicion I have is that my ISP may have changed something else. The WAN interface IP I have on OPNsense is in the range 100.xx.xx.xx/18 but the response from `curl ifconfig.me` shows an IP in the range 178.xx.xx.xx. I'm not sure if this indicates that they've added some layer of CG-NAT to my connection?
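
A check for the CG-NAT suspicion raised in the EDIT above, as an added example that is not part of the original post: it tests whether a WAN address lies in the RFC 6598 shared address space (100.64.0.0/10, which is only part of 100.0.0.0/8) and compares it with the externally observed address. The function names and all sample addresses are constructed for illustration.

```python
import ipaddress

# RFC 6598 shared address space, reserved for carrier-grade NAT.
CGNAT_NET = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges (a WAN address here means an upstream router does NAT).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify(addr: str) -> str:
    """Return 'cgnat', 'private' or 'public' for an IPv4 address string."""
    ip = ipaddress.ip_address(addr)
    if ip in CGNAT_NET:
        return "cgnat"
    if any(ip in net for net in RFC1918):
        return "private"
    return "public"


def diagnose(wan_addr: str, observed_addr: str) -> str:
    """Compare the firewall's WAN address with the address seen from outside.

    wan_addr      -- address assigned to the WAN interface
    observed_addr -- what an external service (e.g. `curl ifconfig.me`) reports
    """
    kind = classify(wan_addr)
    same = ipaddress.ip_address(wan_addr) == ipaddress.ip_address(observed_addr)
    if kind == "cgnat":
        # The ISP translates the address; unsolicited inbound UDP to the
        # observed address does not arrive at the WireGuard listen port.
        return "cgnat"
    if kind == "private":
        return "upstream-nat"   # another NAT device sits in front of the firewall
    if same:
        return "direct"         # WAN holds the public address itself
    return "mismatch"           # public WAN address, but traffic exits elsewhere


if __name__ == "__main__":
    # Constructed samples: a 100.64.0.0/10 WAN address vs. a documentation address.
    for wan, seen in [("100.72.10.5", "203.0.113.20"),
                      ("203.0.113.20", "203.0.113.20"),
                      ("192.168.1.2", "203.0.113.20")]:
        print(f"WAN {wan:<14} observed {seen:<14} -> {diagnose(wan, seen)}")
```
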