Cannot ping Wireguard Interface and use VPN and WAN Policy-Based Routing

I setup WG with Warp+, after successfully created a new interface. I tried to ping it, but there was no response

How can I test if the WG interface runs successfully or not?

You just showed us, and you're getting 0 traffic from the cloudflareclient peer.

  • Check your private/public keys on both devices
1 Like

I think the router had connected the WG, therefore, the interfaces showed the IP address

I'm not sure what you mean by that comment, I'm referring to this:


This means no reply traffic is being decrypted. If you can see the UDP traffic via tcpdunp - I would check the key.

BTW, can you provide the link to the documentation for the API registration?

I'd like to try it.

1 Like


I don't know if the Wireguard server of still works

To be clear, WG can appear to be connected even when it is not. The interface IP address is included as part of the local configuration, so even though you are seeing the IP, it does not mean there is an active connection. The best way to check the status of your Wireguard connection is wg show -- it will show the latest handshake and data transfer status, among other things. If you do not see a "latest handshake" line, it means it has never actually connected with a remote peer.

1 Like

This Thread is a VPN Salad ~ Warp, TunSafe, WireGuard, P.B.R.

I hope my words translate well. The link you provide, is for TunSafe Vietnamese.
So for other's in English:

I'm not sure if you are using a third party app to get configuration files to use in the router's config section and also if you are using a Commercial VPN provider (Examples: Mullvad, SurfShark, NordVPN... )

However, if you have a Commercial VPN service that supports WireGuard, you do not need TunSafe, you could use official software to test your config keys for connectivity. See what works in a PC environment. Do the basics first what @lleachii posted.

In this use case, it's assumed the OP successfully sent an authentication to CloudFlare's API with their Public Key to get the config file for a CloudFlare WARP instance.

1 Like

I did not add the keys to OpenWrt, nor do I have an "existing Warp+ subscription.


I stopped at this point in the from ViRb3 Git Pictured.

  • Ran wgcf -h
  • Ran wgcf register
  • Ran wgcf generate
  • Imported wgcf-profile.conf to WireGuard app.
  • Activated and surfed for location ~ DNS test sites
wgcf -h
 Made by Victor (@ViRb3). Project website:

  wgcf [flags]
  wgcf [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  generate    Generates a WireGuard profile from the current Cloudflare Warp account
  help        Help about any command
  register    Registers a new Cloudflare Warp device and creates a new account, preparing it for connection
  status      Prints the status of the current Cloudflare Warp device
  trace       Prints trace information about the current internet connection
  update      Updates the current Cloudflare Warp account, preparing it for connection

      --config string   Configuration file (default "wgcf-account.toml")
  -h, --help            help for wgcf