Is WireGuard a tad on the flaky side

I am currently working with a BT HH5A running the latest firmware as of this date. Before I deep dive into this, may I just ask whether the WireGuard implementation on OpenWrt is a bit temperamental?

To generalise:

I had WireGuard installed and working fine (after a bit of fiddling with the zone and forwarding rules) with my Android phone as a client both on 4G and external wifi networks, such as on public transport, then I added a profile for my laptop and neither device now works.

During my earlier fiddling with WireGuard I got to a point where I could not connect to the HH5A and had to reset it and start over.

So, in summary, do I need to start poking around with the config files to see what's occurred or am I just unlucky. Setting this up, while following the numerous guides on the subject. seems to have been more full of pitfalls than I expected - or is it me!?

I have had Wireguard running on BT Hub5 for couple of years. All the setup problems came from the firewall rules. I have multiple devices connecting without problem once I got the first device going. Connecting my android phone was the easiest. Good luck with the firewall.

Probably your configuration has something wrong, or your network like firewall/routes. WireGuard is great, I use it on dozen of connections and works always perfectly. Just sometimes from the menubar on macOS doesn't work and you have to open the full interface and click on "connect", but is not a network issue.

At work, for example, I have a Mikrotik router (with OpenWrt that acts only like as WireGuard server) behind a FortiGate firewall and I had to configure also a static route for WireGuard, where 10.4 is the WireGuard interface and is the Mikrotik/openwrt router:

I think WireGuard has only some difficult to route or retrieve the packets that are not perfectly routed, other than that is great.

Yes... WG works really well when properly configured.

Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/firewall

And also post your config from your remote peer and we'll make sure everything is right.

I found my WireGuard setups to be very robust, do I can only agree with the other folks here that there's a 99% chance this is a configuration issue.

Hi All, many thanks for the feedback. I think I have identified my issue, which is likely a configuration thing, and I will start a new post for it.


This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.