Hello,
starting with firmware 7.15, I’m experiencing some problems with my WireGuard VPN (RUT140 device).
In particular, when configuring the peer, and enabling the “Route Allowed IPs” options, the connection always fails. In this condition, when trying to ping the endpoint host, in the CLI window for example, I get 100% of packet loss.
Then, if I disable the “Route Allowed IPs” options, the peer connects to my host and the ping works; I then need to add static routes, in order to reach the Teltonika device, and other devices connected to it, if any.
Before the 7.15 firmware, I could enable the “Route Allowed IPs” option, and everything would work fine, peer would connect and I wouldn’t need to manually add static routes.
Is that the expected behaviour of WireGuard, starting from fw 7.15? And in this case, what’s the meaning of the “Route Allowed IPs” setting, if it doesn’t even allow the connection?
Thank you.
Alberto
Hello,
Thank you for reaching out.
Could you please confirm whether you have any Allowed IPs specified for the peer when this issue occurs? Additionally, could you check whether this behavior persists on the latest 7.15.1 firmware release?
To clarify, the Allowed IPs field defines which IP addresses and prefixes this peer is allowed to use inside the tunnel; typically, these are the peer’s tunnel IP addresses and the networks it should route through the tunnel. When the Route Allowed IPs option is enabled, the router automatically creates routes for the addresses specified in the Allowed IPs list for this peer.
Best regards,
Hello Martynas,
here is my configuration:
WireGuard:
- IP Addresses: 10.99.23.253/32, 172.23.253.254/24
Additional settings different than default:
- Metric: 0
- Listen port: 12345
- MTU: 1420
WireGuard peer:
- public key: my WireGuard peer’s public key
- endpoint host: “wgvpn.myhost.com” (it’s an example, it’s not the actual one)
- allowed IPs: 10.99.255.254/32, 172.23.253.0/24
Advanced settings:
- endpoint port: 12345
- persistent keep alive: 25
So, what happens with fw version 7.15 and 7.15.1 as well is that, if in the WireGuard peer I enable the “Route Allowed IPs” option, the VPN connection is lost.
Furthermore, trying to ping my endpoint host results in 100% packet loss.
If I switch off the “Route Allowed IPs”, the VPN connection is established, and the ping works.
I suspect that enabling “Route Allowed IPs” is trying something strange, like routing the endpoint host as well, or something like that.
Previous firmware versions worked as expected.
If needed, I can give you a remote control access to my PC in order to check it.
Thank you.
Alberto
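An added example, not part of the thread and not Teltonika's code: a Python check over the settings posted above that takes one route per Allowed IPs prefix, as "Route Allowed IPs" is described to create, and flags prefixes that include the router's own tunnel address, overlap an interface subnet, or cover the endpoint address. The endpoint address 203.0.113.10 and the function name are assumptions made for the example, and the output is a diagnostic aid, not a statement of what changed in firmware 7.15.

```python
import ipaddress

# Values posted in the thread above.
INTERFACE_ADDRS = ["10.99.23.253/32", "172.23.253.254/24"]
PEER_ALLOWED_IPS = ["10.99.255.254/32", "172.23.253.0/24"]
# Constructed placeholder (documentation range): the thread gives only an
# example hostname for the endpoint, not the address it resolves to.
ENDPOINT_IP = "203.0.113.10"


def audit_peer_routes(interface_addrs, allowed_ips, endpoint_ip):
    """Return (code, route, detail) findings, one route per Allowed IPs prefix."""
    ifaces = [ipaddress.ip_interface(a) for a in interface_addrs]
    endpoint = ipaddress.ip_address(endpoint_ip)
    findings = []
    for prefix in allowed_ips:
        route = ipaddress.ip_network(prefix, strict=False)
        for iface in ifaces:
            if iface.version != route.version:
                continue
            # The prefix includes one of this router's own tunnel addresses.
            if iface.ip in route:
                findings.append(("covers-local-address", str(route), str(iface.ip)))
            # A non-host interface prefix already has a connected route.
            is_subnet = iface.network.prefixlen < iface.network.max_prefixlen
            if is_subnet and route.overlaps(iface.network):
                findings.append(
                    ("overlaps-connected-subnet", str(route), str(iface.network))
                )
        # Encrypted packets to the endpoint must leave via the WAN, not the tunnel.
        if endpoint.version == route.version and endpoint in route:
            findings.append(("covers-endpoint", str(route), str(endpoint)))
    return findings


if __name__ == "__main__":
    for finding in audit_peer_routes(INTERFACE_ADDRS, PEER_ALLOWED_IPS, ENDPOINT_IP):
        print(finding)
```

To run it against a live setup, replace `ENDPOINT_IP` with the address the endpoint hostname actually resolves to on the router.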
Hello Alberto,
Thank you for the update and providing additional information. To assist you effectively, we’ll need to continue this process privately. You should find a support request form in the inbox of the email address you used for your forum registration. Kindly fill out the form, and please reference Ticket ID: 14363 when submitting it. Once the form is completed, we’ll contact you directly via email to investigate the issue in detail and help work towards a solution.
Best regards,
Hello Martynas,
I accepted the support request, please let me know if I did it correctly.
Thank you
Alberto
I would just like to mention that I am also experiencing the same WireGuard issues on firmware 7.15, while everything works as expected on firmware 7.10.
Hello everyone,
I just wanted to update you that this issue has already been registered with our developers for further investigation. Once there’s an update or a fix available, I’ll be sure to inform you here.
Thank you for your patience and understanding!
Best regards,
Hello,
I wanted to let you know that a fix for this issue is planned to be implemented with the upcoming 7.17 firmware release. At this moment, however, I don’t have an approximate release timeline to share.
Appreciate your patience and understanding.
Best regards,
Hello @anon65719490 I would be interested in knowing the cause of this issue.
Thank you.
Hello @flebourse,
Thank you for your interest; we appreciate your involvement and contribution to our community.
In this particular case, while developers were resolving one issue, an unintended side effect unfortunately introduced another.
Best regards,
This topic was automatically closed after 60 days. New replies are no longer allowed.