Wireguard - No Handshake, No Incomming Traffic, No Client Errors

[J0kerFace]

Hello,

I've been trying, searching, and reading instructions for several days now, but my Wireguard doesn't establish a handshake. In the firewall live log, I don't see any incoming traffic on the configured port. I've created a WAN incoming rule, designated the firewall as an exposed host on the Fritzbox in front of it, and defined the ports again as a separate forwarding.

The log on the client also doesn't report any errors. Does anyone have an idea where else I could look for the error?

:'( :'( :'(

Thank you.

[CJ]

Do a packet capture.  More than likely either your ISP or the Fritzbox isn't letting it through.

[J0kerFace]

I have set up a packet capture for the wg1 interface. Afterward, I activated the connection on the client. However, the capture doesn't show anything.

[CJ]

I have set up a packet capture for the wg1 interface. Afterward, I activated the connection on the client. However, the capture doesn't show anything.

Why would the wireguard interface show anything?  You haven't connected to wireguard yet.

Did you follow these instructions?  https://docs.opnsense.org/manual/how-tos/wireguard-client.html

[J0kerFace]

Yes this instructions were my first try.

[CJ]

Since it sounds like you've done multiple different things, you should probably remove it all and start over with those instructions.  Then you'll have a known state that will make it easier to help you.

Once you restart with those instructions you can post here your progress and any issues you encounter.

[opnfriends]

Hi Jokerface, your post does not specify which kind of setup you are trying to achive, but it kinda sounds we're stuck at the same point? Please have a look at my post - maybe we're two: https://forum.opnsense.org/index.php?topic=38697.0

[J0kerFace]

At the moment the repository doesn't seem to be working. So I can't reinstall it right now.

I followed the instructions in the documentary and then used YouTube to help.

[CJ]

At the moment the repository doesn't seem to be working. So I can't reinstall it right now.

I followed the instructions in the documentary and then used YouTube to help.

It's that whole youtube for help thing that muddies the water.  Not knowing where you got stuck originally and everything you did to try and fix it makes it hard to troubleshoot.

What issue are you seeing with the repository?  You can't install if you're not up to date.  I don't recall if that means just patches or major versions as well.

[J0kerFace]

Attached the Issue with the repro.

I have now deleted everything and reinstalled Warrior Setup. It still does not work.
I don't see any traffic on the selected port in the firewall livelog either. Despite the Exposed Host being set up on the Fritzbox.

[CJ]

Attached the Issue with the repro.

I have now deleted everything and reinstalled Warrior Setup. It still does not work.
I don't see any traffic on the selected port in the firewall livelog either. Despite the Exposed Host being set up on the Fritzbox.

Oh, that's not good.  That's probably part of the reason you're having issues.  Try changing mirrors and also run the audit checks as well.

[svenskalec]

Hello,

i have the same problem. Configure both opnsense via documentation. On both firewalls dosnt see any log for port or the ips i use for the s2s fireguard tunnel. What you need to help me?

[morphine]

I have the same problem, even did a factory reset just to eliminate any errors I might have done. The weird thing is that NO vpns work, neither zerotier, openvpn or wireguard.
VPN was working fine until I switched to OPNsense a few days ago, so there shouldn't be any ISP limitations.

[chemlud]

Still do a package capture to see were things go wrong. Unlikely it's opnsense... ;-)

[morphine]

Ah well, third time's the charm. After wiping the entire installation and starting over, and creating Wireguard as one of the first things I did, it started working.