Hi,
I am trying to get WireGuard running on OpenWrt behind an ISP Router.
UDP Port 51820 is forwarded, and I can access that port with netcat from outside.
However, when I try to initiate a WireGuard Connection through my iPhone, the Handshake Initiation fails:
Any ideas? Thanks in advance.
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have
ubus call system board; \
uci export network; uci export firewall; \
head -n -0 /etc/firewall.user; \
iptables-save -c; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru
Make sure the endpoint domain name is resolved into the correct IPv4 or IPv6 address.
Change it to /32
Zones fritz and lan both have network lan. Delete zone fritz.
Verify with tcpdump -i wlan0 -evn udp port 51820 that you are indeed receiving the wireguard packets. Install tcpdump if you don't have it opkg update; opkg install tcpdump
It works, thank you!
What was the issue?
The AllowedIPs for the client was set to 10.7.0.2/24 instead of 10.7.0.2/32, just as you said.
Please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.