Newbie having issues with Wireguard

Started by DigitalFermentor, December 02, 2024, 01:36:18 PM

December 02, 2024, 01:36:18 PM Last Edit: December 02, 2024, 01:39:18 PM by DigitalFermentor
So I will be upfront. I'm still pretty green and pretty much only follow guides online. So apologies if the answer is facing me right in the face.

I have a basic setup. My OPNsense box is connected to my old wireless router (now in bridge mode), which has a wired connection to my small home server, and everything else is on Wi-Fi. I have two VLANs: one called trusted that everything sits on and one called Untrusted which is unused (but will be eventually). I have Unbound set up with blocklists.

I want to set up WireGuard for protection on my phone and access to my Mealie instance.

I followed the Road warrior guide https://docs.opnsense.org/manual/how-tos/wireguard-client.html#wireguard-road-warrior-setup to the letter except I have DDNS set up with NOIP.

My phone sometimes seems to connect, stating "Tunnel now set to connected" in the logs, but can't access the internet, and when trying to access Mealie the page gets stuck loading. After I try accessing the net, the log shows "Sending handshake initiation", then "handshake did not complete after 5 seconds, retrying", and it gets stuck in a loop trying to initiate handshakes, occasionally reconnecting and restarting the loop.

Can anyone see what I am doing wrong? I have added some screenshots showing I have followed the guide.


December 03, 2024, 10:18:43 AM #2 Last Edit: December 03, 2024, 10:31:31 AM by DigitalFermentor
You are right. That was missing. I have now set it up but it still doesn't work.

I did a test to see if what I was seeing client side would still happen if Wireguard was disabled (to test if I was actually connecting) and it turns out it did, except the handshake counter kept increasing.

Below is the log from the iPhone WireGuard app.

2024-12-03 20:03:47.613040: [APP] Status update notification timeout for tunnel 'Homewireguard'. Tunnel status is now 'connected'.
2024-12-03 20:03:53.171067: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun4]
2024-12-03 20:03:53.171652: [NET] DNS64: mapped (my home network IPv4 address) to (ipv6 address im pretty sure is the iphone)
2024-12-03 20:03:53.171916: [NET] peer(YWvh...TNwY) - UAPI: Updating endpoint
2024-12-03 20:03:53.172053: [NET] Routine: receive incoming v4 - stopped
2024-12-03 20:03:53.172126: [NET] Routine: receive incoming v6 - stopped
2024-12-03 20:03:53.172321: [NET] UDP bind has been updated
2024-12-03 20:03:53.172338: [NET] Routine: receive incoming v4 - started
2024-12-03 20:03:53.172357: [NET] Routine: receive incoming v6 - started
2024-12-03 20:05:02.077460: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:02.797338: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun4]
2024-12-03 20:05:02.799268: [NET] DNS64: mapped (my home network IPv4 address) to (ipv6 address im pretty sure is the iphone)
2024-12-03 20:05:02.799586: [NET] peer(YWvh...TNwY) - UAPI: Updating endpoint
2024-12-03 20:05:02.799909: [NET] Routine: receive incoming v4 - stopped
2024-12-03 20:05:02.800085: [NET] Routine: receive incoming v6 - stopped
2024-12-03 20:05:02.800472: [NET] UDP bind has been updated
2024-12-03 20:05:02.800549: [NET] Routine: receive incoming v4 - started
2024-12-03 20:05:02.801111: [NET] Routine: receive incoming v6 - started
2024-12-03 20:05:07.096433: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 2)
2024-12-03 20:05:07.098835: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:12.214579: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 2)
2024-12-03 20:05:12.214946: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:17.416137: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 2)
2024-12-03 20:05:17.416508: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:22.593056: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 2)
2024-12-03 20:05:22.593428: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:27.790601: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 2)
2024-12-03 20:05:27.790963: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:32.961273: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 3)
2024-12-03 20:05:32.961615: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:38.146889: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 2)
2024-12-03 20:05:38.147135: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:43.419835: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 2)
2024-12-03 20:05:43.420158: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:48.675216: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 3)
2024-12-03 20:05:48.675506: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:53.900224: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 4)
2024-12-03 20:05:53.900542: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:05:58.976631: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 5)
2024-12-03 20:05:58.976832: [NET] peer(YWvh...TNwY) - Sending handshake initiation
2024-12-03 20:06:04.204097: [NET] peer(YWvh...TNwY) - Handshake did not complete after 5 seconds, retrying (try 6)
2024-12-03 20:06:04.204432: [NET] peer(YWvh...TNwY) - Sending handshake initiation


Thank you for the help

Without a successful handshake it won't work. Make sure you are entering the proper public and private keys in their respective fields in peer and instance.