Okay, so I decided to open a new thread for this because I feel like I made some progress since my last post, but my RUTX08 is still not connecting to Mullvad's WireGuard.
I thought describing the steps I take after a clean install (reset factory settings) would maybe help someone more knowledgeable to spot where I might be going wrong or what I am missing. Perhaps flebourse, who has been helping me to diagnose what the problem is.
Here are my device's details:
After the factory reset, I log in, change the password and set the router's IP address to 192.168.20.1 so it looks like this:
I go to Services / VPN / WireGuard and under "Add new instance" I enter "mullvad" as the configuration name and click the "Add" button.
In the popup that appears I get a private key. I import this private key to Mullvad's WireGuard configuration file generator:
Then I download the config file, which contains the following (I deliberately left the private key unobscured; once I find a solution I will just re-generate them anyway):
[Interface]
PrivateKey = qJeLvVzauTKdrLEezjTW1bPc3FTMuD9BsfA97yztC3s=
Address = 10.64.66.63/32,fc00:bbbb:bbbb:bb01::1:423e/128
DNS = 10.64.0.1
[Peer]
PublicKey = m4jnogFbACz7LByjo++8z5+1WV0BuR1T7E1OWA+n8h0=
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = 193.138.218.130:51820
From this info I take the interface address and enter it in the "IP Addresses" field so now it looks like this:
Under "Peers" and "Add new instance" I enter "mvpeer" and click the "Add" button.
I fill out the peer info the following way:
And then click "Save & apply". I click "Save & apply" again in the interface popup. And click "Save & apply" again in the WireGuard configuration page.
At this point I still have an internet connection in the router, but the WireGuard configuration is still "off".
I click "on" and "Save & apply". Connection is lost.
I reboot the router. Still no connection. I SSH into the router and run the wg command, the output:
root@Teltonika-RUTX08:~# wg
interface: mullvad
  public key: nE81/+Y2d03rdI3mj63NrTTld613rQlsdXtjsiV2skk=
  private key: (hidden)
  listening port: 51820

peer: m4jnogFbACz7LByjo++8z5+1WV0BuR1T7E1OWA+n8h0=
  endpoint: 193.138.218.130:51820
  allowed ips: 0.0.0.0/0
  transfer: 0 B received, 296 B sent
I haven't added the DNS from Mullvad anywhere yet. So I go to Network / DNS and enter "10.64.0.1" under "DNS forwardings" and click "Save & apply":
Reboot the router again. Still no connection.
I go to Network / Firewall / General settings / Zones. I turn on "MSS clamping" for all the zones that are there, so it looks like this:
I click "Save & apply".
What else do you recommend to set? Should I change something specific in the Firewall settings? (I've tried playing with the settings there, but nothing helped...) Or is there something that should be changed under Network / Interfaces (LAN, WAN, or WAN6)?
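Added example, not part of the original post: a small POSIX shell function that reads plain `wg` output and reports, per peer, whether a handshake ever completed. The function name `wg_diagnose`, the state labels and the second sample peer are assumptions made for illustration; the first sample peer is the output quoted in the post.

```shell
#!/bin/sh
# Added example, not from the original post.
# wg_diagnose: read plain `wg` output on stdin, print "<peer-key> <state>" per peer.
#   handshake-ok  a "latest handshake" line is present for the peer
#   no-handshake  bytes were sent but no handshake was ever recorded
#   idle          nothing has been sent to the peer yet
wg_diagnose() {
    awk '
        function emit() {
            if (peer == "") return
            if (handshake)     state = "handshake-ok"
            else if (sent > 0) state = "no-handshake"
            else               state = "idle"
            print peer, state
        }
        $1 == "peer:" { emit(); peer = $2; handshake = 0; sent = 0; next }
        $1 == "latest" && $2 == "handshake:" { handshake = 1; next }
        # e.g. "transfer: 0 B received, 296 B sent" -> field 5 is the sent amount
        $1 == "transfer:" { sent = $5 + 0 }
        END { emit() }
    '
}

# First peer: the output quoted in the post. Second peer: constructed for contrast.
SAMPLE='interface: mullvad
  public key: nE81/+Y2d03rdI3mj63NrTTld613rQlsdXtjsiV2skk=
  private key: (hidden)
  listening port: 51820

peer: m4jnogFbACz7LByjo++8z5+1WV0BuR1T7E1OWA+n8h0=
  endpoint: 193.138.218.130:51820
  allowed ips: 0.0.0.0/0
  transfer: 0 B received, 296 B sent

peer: CONSTRUCTED-EXAMPLE-PEER-KEY=
  endpoint: 192.0.2.10:51820
  allowed ips: 10.0.0.0/24
  latest handshake: 42 seconds ago
  transfer: 1.21 KiB received, 3.40 KiB sent'

printf '%s\n' "$SAMPLE" | wg_diagnose
```

On the router itself the same function can be fed live with `wg | wg_diagnose`. A `no-handshake` result means handshake initiations left the interface but the endpoint never answered them; `wg pubkey` derives a public key from a private key on stdin, which allows comparing the interface key with the one registered at the provider.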