WireGuard not working ipv4 after update to opnsense 24.7.5

[Bob.Dig]

And indeed more ipv4 public ip addresses - all static

Okay.

Still, what is this WG-Gateway good for?

[RamSense]

That was added from the help above from DEC670airp414user, and it solved the problem of WG not showing ipv4 and only ipv6 on whatismyip.com

[Bob.Dig]

But what is it good for, who is connecting to whom? And what side is using whatismyip.com? What is the tunnel config look like.

[RamSense]

It is a roadwarrior setup. All mobile devices and laptop etc while being away from home(wifi) use wireguard vpn. All data is going through the internet connection at home. This way Adguard home does it work being away from home also, and me being able to connect to local services that are not connected to the internet

whatismyip.com is being done from iphone 5g with wireguard vpn on.

[Bob.Dig]

Ok, so I don't see any use for a gateway on that WG-tunnel, remove it. I think you still should show the whole WG-config on OPNsense, for the instance and the peer. 

[RamSense]

Well it fixed the ipv4 problem with wireguard on 24.7.5 and on 24.7.4 for me no longer having to do an "WG-interface off, safe and on, safe" trick to get it working.

instance and peer config attached

[Bob.Dig]

That looks good. So I wonder, with all your public IPv4-addresses, maybe the problem is in Outbound-NAT.

Actually, I had/have a problem there too. I fixed it by creating an OutboundNAT rule myself. The problem only occurs after rebooting OPNsense. So our problems might be related.   :D
But mine was already there before the latest release.

Edit: Create an OutboundNAT rule on WAN with your tunnel-network as source. Just do it and thank me later.  :P

[RamSense]

here is the outbound nat. one for ipv4 and one for ipv6

[DEC670airp414user]

Well it fixed the ipv4 problem with wireguard on 24.7.5 and on 24.7.4 for me no longer having to do an "WG-interface off, safe and on, safe" trick to get it working.

instance and peer config attached

1. MTU seems awful high.  mine is 1300 and I get full speeds.  almost 500Mb for my wan fiber line
2.  I have disable routes checked for all of my tunnels

[Bob.Dig]

Again, I was to late.

Edit: Create an OutboundNAT rule on WAN with your tunnel-network as source. Just do it and thank me later.  :P

[RamSense]

see also the post above, but here again(?) outbound nat

[Bob.Dig]

Again, just do it manually but only on your WAN.

Mine looks like this.

[RamSense]

I do not follow? I have a outbound nat rule on wan with WG Net as source.
Or is it that instead of selecting WG net you put in the tunnel address 10.10.10.0/24?

[Bob.Dig]

I do not follow? I have a outbound nat rule on wan with WG Net as source

Then do follow and do as I say, make a rule manually like I did. It is a bug after all.

[RamSense]

I added the attached outbound rule, after reboot I still had to hit "apply" on the gateway page for iphone with wireguard to get both ipv4 and ipv6 on whatsmyip.com