Question

Hi there,

I am trying to set up a Wireguard connection to my own server. But I can't get the clients to use the vpn connection. I have tried every solution I can find here, but to no avail. If I use Wireguard on a Windows client behind the RUT950, it works right away. Also the connection on the router is build up (i checked via CLI>wg).

 Can anyone tell me how to get this to work?

Router: RUT950

FW: RUT9_R_00.07.04

Answer 1

Hi,

Since the WireGuard tunnel is established, what are the allowed IPs? Also, have you enabled the devices to route allowed IPs? What are the routes on your RT955 ('route -n' command)?

Can you please share the configurations of both WireGuard peers?

Kind Regards,

Andzej

Answer 2

Hi,

Sorry i forgot to give the info. Also it is a RUT950.

Here are some screenshots (I want to route all traffic through the tunnel):

 

Comments

Hi,

It seems that the packets are being sent over the tunnel (2.18 MiB), but the there is only 92 b received. Could you please share the configuration of the other peer?

Kind Regards,

Andzej

Answer 3

The packets that are send are only from the router itself, not the clients.

The other peer is my wireguard 'warpspeed' vm, I don't have a specific config for that. As I wrote, I can use the same config on a Windows wireguard client, and it instantly works. Even if the client sits behind my RUT950. So i assume the problem is the routing or firewall of the router.

Here is a screenshot of the managment gui:

Comments

Hi,

Could you please attach a troubleshoot file? Troubleshoot file can be downloaded from System -> Administration -> Troubleshoot.

Attach it by editing your question.

Kind Regards,

Andzej

---

Hi,

It seems your wireguard firewall zone is set to reject. Could you please navigate to Network -> Firewall and change LAN => Wireguard and Wireguard => LAN zones inputs/outputs/forwards to accept? Depending on your setup, you may want to enable or disable masquerading as well.

Kind Regards,

Andzej