First time using Teltonika routers and also Wireguard.
I have configured a Wireguard instance and enabled it. It all looks good on the router side, I can see the forwarding rules are configured and the service is reported as “Running” on the status page.
But - I do not get any respons when a client tries to connect.
The first question I have before going to the details in the actual configurations is if there are any steps to activate the interface that I have fundamentally missed… The reason I think so is that “wg show” from a terminal lists the interface and nothing more and also “wg showconf mainVPN” is empty.
I would expect those two commands to be populated with more info, seems like the configuration is not really found by Wireguard. Or is that a wrong assumption in this case?
Hello,
What is the output of wg (without args) ?
Regards,
Same output as ‘wg show’…
‘interface: mainVPN’ and nothing more
Please post your configuration details, of course hide the contents of sensitive fields.
This is the interface:
And the peer:
I just noticed a wierd thing. My DDNS domain is ‘example.no-ip.org’ but as you can see in the peer configuration the Endpoint host has been changed to ‘example-no.ip.org’. This seems to happens when I enable the instance. I have tried to change back to the correct domian three times now and each time the router crashes permanently and the only way to recover is to do a factory reset and upload the config backup.
I can also see in the system log that the “incorrect” domain obviosly does not resolve and that result in a Configuration parsing error. I believe this is probably the root cause and likely a bug somewhere in the system.
Are you sure about your Allowed IPs ? 192.168.0.0/24 must be a remote lan and must not conflict with the local one.
About the example.no-ip-org issue, disable the wg tunnel change the endpoint host value and save the new config. Then check manually what has been saved in /etc/config/networks. Is the new value correct ?
I misunderstood the “peer” definition in the server configuration. The 192.168.0.0/24 should obviosly not be there at all. I deleted the instance and started over from fresh adding only 10.5.0.2/32 as allowed IP for the peer and then all problems are gone - including the renaming of the endpoint. So now the connection is working as expected.
Thanks a lot for guiding me in the right direction!
