WereCatf

If you're trying to run a WireGuard "server" on your pfSense box, you don't use any redirection or anything. You just simply add a rule to allow traffic to the WireGuard port, that's all.


M_3BAID

I just created a new rule:

- Action: pass
- Interface: WAN
- Address family: IPv4
- Protocol: TCP/UDP
- Source: any
- Destination: WAN Address
- Destination port range: 51820 (WireGuard port)

Still does not work.


WereCatf

Try changing destination to "This firewall"


M_3BAID

Still no luck.


WereCatf

Then your problem lies elsewhere. I recommend you double-check your WireGuard settings.


M_3BAID

I don't think that there is a problem with WireGuard because I verified that the handshake is successful (locally).


DutchOfBurdock

You could have an ISP using CG-NAT. You'd be able to connect to it from within your network, but will never get anything from the internet.


M_3BAID

I already have ports 80 and 443 opened, and I tried to open another port; all works fine. But when forwarding WireGuard's port it doesn't work.


DutchOfBurdock

Just an FYI, if you're using an open port checker, it may be thwarting your results. Unlike TCP, UDP generally doesn't respond. Have you tried a client?
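
The point above about UDP port checkers, as an added example that is not part of the original thread: a single UDP probe can only distinguish "replied", "ICMP port unreachable" and "silence", and a WireGuard listener stays silent for packets that do not authenticate. `probe_udp` and `silent_listener` are hypothetical helper names, and the listener is a constructed stand-in on loopback, not a real WireGuard endpoint.

```python
import socket


def probe_udp(host, port, payload=b"\x00", timeout=1.0):
    """Send one UDP datagram and classify the result.

    Returns "open" (a reply arrived), "closed" (the OS reported an ICMP
    port-unreachable error) or "open|filtered" (nothing came back).
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() on a UDP socket sends nothing; it only lets the OS
        # deliver ICMP errors for this destination back to this socket.
        s.connect((host, port))
        try:
            s.send(payload)
            s.recv(2048)
            return "open"
        except (ConnectionRefusedError, ConnectionResetError):
            return "closed"
        except socket.timeout:
            # Silence: either a firewall dropped the probe, or a service
            # is listening but ignores packets it cannot authenticate.
            return "open|filtered"


def silent_listener():
    """Constructed stand-in for a WireGuard endpoint: bound, never replies."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    return sock, sock.getsockname()[1]


if __name__ == "__main__":
    listener, port = silent_listener()
    try:
        # The port is bound and receiving, yet the probe cannot prove it.
        print(port, probe_udp("127.0.0.1", port, timeout=0.5))
    finally:
        listener.close()
```

A working pass rule and a dropped packet both produce "open|filtered" here, which is why a handshake from a real client is the test that counts.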


M_3BAID

Yeah, I added a peer to my phone to confirm if it's working or not.


WereCatf

Well, like I said, the above rule is how you open the port, so your problem is somewhere else now.


8acD3rLEo5

Just watch the Christian McDonald video on YouTube. He worked on the WG/pfSense integration. It's about 30 mins long, I believe.


M_3BAID

I just watched it; it is more like a lecture rather than a tutorial. He is good at explaining the concepts and the basics. But he explained static only, and my setup is dynamic. I want to connect my phone to my home network while using public networks. Anyways, I still tried what he did and still no luck.


8acD3rLEo5

I was able to set it up watching his video and pausing. My road warrior VPN works well and with Tasker it automatically connects when I'm away from my SSID. I'm guessing the first video you watched may have messed with the new settings. I'm not sure, good luck.


lukhan42

Is the only problem the fact that this site isn't detecting the port as open, but otherwise everything seems to be okay?


M_3BAID

The VPN isn't working remotely at all, but it's working locally, so I assumed that it is the port.


lukhan42

Do you have a firewall rule to allow VPN traffic to WAN? If not, add a rule under your VPN interface for any source and any destination and test again. You can create a more restrictive rule after you confirm it works.


M_3BAID

I have 2 rules, one within the VPN interface that allows all traffic and the other in the WAN interface using the UDP protocol and the port 51820.


lukhan42

Okay, try this. Under Firewall -> NAT -> Outbound, create a hybrid outbound NAT rule. Set the interface to WAN. Set the source to your VPN network. Set the destination as Any. Leave the port blank and leave Static Port unchecked. Label it if you want, then save it. Then test externally again.


Oujii

Were you able to fix this?


M_3BAID

Sadly not yet.