simple Wireguard Road Warrior config by docs no handshake

[spkrb7]

Trying to setup WG for remote access but handshake is not happening. The log from my phone has: "WireGuard/GoBackend/wgopnsense: peer(public key) - Handshake did not complete after 5 second, retrying after 5 seconds, retrying (try 2)". I'm using the officlal opnsense docs for setup. Any help appreciated.

[mimugmail]

Screenshots please

[spkrb7]

Thanks, appreciate your time, my lan addy is 192.168.1.1. https://imgur.com/a/iIn3q0a

[mimugmail]

What is the port forward for? Allow rule on WAN for wg Port is active?

[spkrb7]

What is the port forward for? Allow rule on WAN for wg Port is active?

The port forward in the NAT section is per the instructions for WAN to LAN. It doesn't have the green triangle arrow indicating enabled, don't know if that applies there. Rule allowing WAN for wg is active, tried both in and out.

[mimugmail]

Where in the docs is this?

[spkrb7]

Step 2b:https://wiki.opnsense.org/manual/how-tos/wireguard-client.html#step-2b-setup-firewall-rules

[mimugmail]

Hm, seems it was changed after I wrote the initial one, but will work too.
Instead for using mywireguardservice net in firewall alias, can you just insert the real network?

Since you have assigned the interface but didn't set the IP address (which is correct), OPNsense might have problems to detect this network because addresses are assigned when starting/stopping daemon

[spkrb7]

Thanks for the suggestions much appreciated, I just couldn't get the handshake to complete, so I reset to start over when I get time.