this post was submitted on 29 Dec 2023
 
This is an automated archive.

The original was posted on /r/wireguard by /u/pinoybear on 2023-12-29 18:33:19+00:00.


I've configured a WireGuard server on my pfSense firewall and am using my Android 14 phone as the client. I have no issues when I connect with a split tunnel.

When I try full tunnel, the client can connect and establish a handshake. The problem is it cannot resolve any DNS.

I don't understand because my understanding is the only thing that should change between full and split tunnel is the AllowedIPs config on my phone.

Here are my WireGuard configs. Any idea why full tunnel won't work? TIA

#pfSense WireGuard config#

[Interface]

Address = 10.6.210.1/24

ListenPort = 69240

PrivateKey = blah

[phone]

PublicKey = blah

PresharedKey = blah

AllowedIPs = 10.6.210.2/32

WireGuard interface firewall rule is configured to allow ipv4&ipv6 any any

#Android WireGuard split tunnel config (no problems)#

[Interface]

Address = 10.6.210.2/24

ListenPort = 69240

DNS = 172.16.1.1

PrivateKey = blah

[Peer]

PublicKey = blah

PresharedKey = blah

AllowedIPs = 10.6.210.0/24, 172.16.1.0/24, 172.16.10.0/24

Endpoint = my.pfsense.net:69420

#Android WireGuard full tunnel config (DNS not working)#

[Interface]

Address = 10.6.210.2/24

ListenPort = 69240

DNS = 172.16.1.1 #also tried 1.1.1.1, 10.6.210.1 and also leaving it blank

PrivateKey = blah

[Peer]

PublicKey = blah

PresharedKey = blah

AllowedIPs = 0.0.0.0/0, ::/0

Endpoint = my.pfsense.net:69420
