From Wireguard failure to WAN address?

[Sky22019]

Hello,

Up until recently, I was able to connect to my opnsense wireguard vpn instance from outside my house using both my mobile and my laptop. I simply followed the steps as described in the official documentation.
Alas; this is no more the case. I can't get wireguard to work anymore. The only thing that changed is opnsense versions. Or maybe something else (that I don't know) from my ISP?

Opnsense appliance is behind a bridged modem/router provided by my ISP. My WAN connection is pppoe (credentials in opnsense) and I am using no-ip as a ddns service. I repeat; all this was working flawlessly.

While troubleshooting; I stumbled upon something else. When going to Interfaces --> Overview, my WAN interface shows the following:
device: pppoe0, link type: pppoe, IPV4 100.69.xxx.xx/32, gateway 10.106.xxx.xxx and my public IP (external) is something else.

Am I missing something here? Or is this all normal, and it's just my wireguard instance not configured properly?

Thanks in advance.

[dseven]

Your ISP has put you behind CGNAT. Ask them if they can give you a routable IP address (doesn't have to be static, but that might be the only option they offer). Otherwise you'll need to find a VPN solution that involves some third party - tailscale, something cloud-based, etc.

[tiermutter]

Even with IPv4 CGNAT you can use IPv6 for establishing a VPN connection.
This needs v6 properly configured at least for WAN interface and v6 connectivity on client side.

[Sky22019]

Thanks for the responses.
Quick update on the situation.

I contacted my ISP and they fixed it. They actually said that this was not on purpose and they don't know if it's gonna happen again in the future. I think the line was: "The system for some reason hands out IPs in the 100.xx range."

Outrageous right?

ISP is Cosmote (Greece).

FYI