this post was submitted on 06 Jan 2024
1 points (100.0% liked)

WireGuard

3 readers
1 users here now

WireGuard - a fast, modern, secure VPN Tunnel.

founded 1 year ago
MODERATORS
[email protected]
1
Wireguard not working on Android, working on windows (with Android's mobile data) (zerobytes.monster)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 
This is an automated archive.

The original was posted on /r/wireguard by /u/downvotedbylife on 2024-01-06 00:52:12+00:00.

I recently set up Wireguard on my OPNsense box for remote access to my LAN. I currently have one instance and two peers: a windows laptop and an android phone. The setup for both peers is mostly identical except for different IP addresses (within the same subnet, which is completely empty except for Wireguard clients).

I setup the clients on both my devices, and tested them both using mobile data to simulate out-of-home access. I turned on my mobile hotspot, and while connected to it, the laptop worked perfectly from the first start, got a handshake and was able to access both LAN resources and the internet through Wireguard.

The weird part is that the Android phone, while it completes the handshake with the server (showing that keys and basic connectivity are fine), it doesn't get any further. The phone can't access local LAN resources or the internet when the VPN is active. Here's what I've checked:

  • The OPNsense firewall rules, NAT rules, and routes allow all traffic from the Wireguard interface and subnet.
  • Allowed IPs is set to 0.0.0.0/0, same as the laptop.
  • There are no blocks in the firewall logs. In fact, there are no log entries for the Wireguard interface.
  • The phone does get an IP when the VPN is turned on, but can't even ping its own subnet gateway address, much less the LAN's DNS. No response when pinging it from the LAN, either.
  • Changed MTU in the Android client to various values found around the web (it's currently at 1400), no difference.
  • Tried setting the keepalive to 25s, no difference.
  • Reinstalled Wireguard app, no difference

I don't see anything that stands out in the logs. There's a periodic "Retrying handshake because we stopped hearing back after 15 seconds" messages. It seems the only traffic being received by the phone is the handshake packets. Phone is constantly transmitting data, but the rx count only goes up when it does a handshake.

I'm inclined to not think it's a mobile network issue, since the laptop works perfectly when it's on the mobile hotspot from the very same phone that can't connect.

I'm at a loss here. Any ideas?

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here