Now I've been digging deeper and have more patience explaining.
I'm in fact using an RPi behind RUT240. The RPi is connected to LAN and the RUT240 via cellular/LTE. Everything is operating as it should.
On the RPi I'm desperately trying to set up WireGuard and have a simple working setup with this. Trouble arises whenever the router gets a new IP from the operator, regardless of whether I turn mobile data off/on or the router reboots. Then the WireGuard handshake via UDP fails.
So I have been troubleshooting myself, as this should be something WireGuard can handle without a problem (a loss of connection behind NAT).
Doing tcpdump -i wwan0 'port MY_PORT' on my router via CLI when everything is good gives me:
08:05:09.816507 IP EXTERNAL_IP_OF_ROUTER.34041 > ec2-MY_AWS_IP.eu-central-1.compute.amazonaws.com.54328: UDP, length 32
Then when it fails, the same tcpdump command gives me (verified at the AWS end, no packet is arriving):
08:10:09.671507 IP RPI_HOSTNAME.lan.45167 > ec2-MY_AWS_IP.eu-central-1.compute.amazonaws.com.54328: UDP, length 148
What can this tell me? Why is the origin in the packet now suddenly the hostname of my RPi and ".lan" instead of the external IP of the router as seen above in the first example? Is this a routing issue in the router, or is it WireGuard using the wrong interface or routing? Could it be a firmware issue in the router about handling routing between the eth0 and wwan0 interfaces?
The only thing I can do to resolve this is manually restart the WireGuard service, and then it kicks in instantly. WireGuard seems to work by UDP hole punching, which I have yet to understand fully.
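
Added example, not part of the original post: a short Python check that reads tcpdump lines captured on the router's WAN interface and flags WireGuard packets whose source is still a LAN host, as in the second capture above. The LAN subnet 192.168.1.0/24, the `.lan` suffix default, the function names, and all sample addresses and hostnames are assumptions constructed for illustration.

```python
import ipaddress
import re

# WireGuard's fixed UDP payload sizes; transport data packets vary in length.
WG_SIZES = {148: "handshake initiation", 92: "handshake response",
            64: "cookie reply", 32: "keepalive"}

# Matches tcpdump's one-line UDP summary, with or without name resolution.
LINE = re.compile(r"^(?P<ts>\S+) IP (?P<src>\S+)\.(?P<sport>\d+) > "
                  r"(?P<dst>\S+)\.(?P<dport>\d+): UDP, length (?P<len>\d+)")

def is_lan_source(host, lan_net="192.168.1.0/24", lan_suffixes=(".lan",)):
    """True if host is an address inside the LAN subnet or a LAN-only name.
    lan_net and lan_suffixes are assumptions; set them to the router's values."""
    try:
        return ipaddress.ip_address(host) in ipaddress.ip_network(lan_net)
    except ValueError:  # not an IP literal, so tcpdump resolved it to a name
        return host.lower().endswith(tuple(lan_suffixes))

def classify(line):
    """Parse one tcpdump line; return None if it is not a UDP summary line."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    return {"time": m["ts"], "source": m["src"],
            "kind": WG_SIZES.get(int(m["len"]), "data/other"),
            "nat_applied": not is_lan_source(m["src"])}

def unnatted(lines):
    """Records seen on the WAN side that still carry a LAN source address."""
    records = (classify(l) for l in lines)
    return [r for r in records if r and not r["nat_applied"]]

# Constructed sample capture (documentation addresses, made-up hostnames).
SAMPLE = [
    "08:05:09.816507 IP 203.0.113.7.34041 > "
    "ec2-198-51-100-20.eu-central-1.compute.amazonaws.com.54328: UDP, length 32",
    "08:10:09.671507 IP raspberrypi.lan.45167 > "
    "ec2-198-51-100-20.eu-central-1.compute.amazonaws.com.54328: UDP, length 148",
    "08:10:14.700001 IP 192.168.1.50.45167 > 198.51.100.20.54328: UDP, length 148",
]

if __name__ == "__main__":
    for r in unnatted(SAMPLE):
        print(f'{r["time"]} {r["kind"]} left the WAN interface with '
              f'LAN source {r["source"]} (source NAT not applied)')
```

Running tcpdump with `-n` avoids the reverse lookups that turn the LAN address into a `.lan` name, which makes the untranslated source easier to spot by eye.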