Issue with Wireguard

Hi everyone,

So I'm here to ask some help about Wireguard. I have no connection, no handshake, no packet with it. I use Wireguard as a client and my VPN provider is Mullvad and my router is a Linksys WRT3200ACM.

I looking for some tips on the internet and I found this : So I tried to roll back to 19.07.4 but it doesn't work.

When I do a tcpdump, I have only one packet to the server but I never received the answer.

For the installation guide I use this one : I have done all the steps a lot of time but it doesn't work.

Thanks for your help !

What are the contents of the relevant configuration files? Note: be sure to redact any sensitive information such as private keys and credentials.

Hi ! Here is the /etc/network file :

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'REDACTED'
        option force_link '1'
        list addresses ''

config wireguard_wg0
        option public_key 'REDACTED'
        option description 'wireguard_wg0'
        option persistent_keepalive '25'
        list allowed_ips ''
        option route_allowed_ips '1'
        option endpoint_host 'Endpoint Server'
        option endpoint_port '51820'

The /etc/firewall file :

config zone
        option network 'wg0'
        option name 'WGZONE'
        option mtu_fix '1'
        option input 'REJECT'
        option forward 'REJECT'
        option masq '1'
        option output 'ACCEPT'

config forwarding
        option dest 'WGZONE'
        option src 'lan'

Thanks for your help !

You probably need to open the port in your firewall. Try adding:

config rule
        option name 'WG'
        option family 'ipv4'
        list proto 'udp'
        option src 'wan'
        option dest_port '51820'
        option target 'ACCEPT'

Thank you for your comment but it doesn't work. I think the root cause is not the firewall :

  • I tried accept source any destination any with UDP no response from the remote server
  • I tried accept source any destination any for UDP/TCP no response from the remote server
  • I tried to sert the same port (51820) for the client with your rules : no working.

The tcpdump result :

20:09:01.752727 IP > UDP, length 148
20:09:07.512726 IP > UDP, length 148
20:09:13.272723 IP > UDP, length 148
20:09:19.032728 IP > UDP, length 148
20:09:24.053175 IP > UDP, length 148
20:09:29.272722 IP > UDP, length 148

So I don't think is the firewall :confused:

Are you absolutely sure that's correct? That instruction tells the router to configure its own WireGuard interface with the IP address Normally is usually a subnet address, not an interface address. The boolean logic and binary arithmetic behind IP addressing and subnetting mean that can be an IP address, but it's extremely unusual for it to be used that way.

I'm not a Mullvad customer, so I'm not familiar with its documentation, but that particular directive looks very unusual to me.

The is just to mask the real IP. Of course the real one is a standard IP address. Sorry about that !