Re: Getting wg(4) NetBSD server to work with WireGuard(R) macOS client

[Paul W. Rankin <rnkn%rnkn.xyz@localhost>]

Christof Meerwald <cmeerw%cmeerw.org@localhost> wrote:
> On Tue, Jan 14, 2025 at 08:21:38PM +1000, Paul W. Rankin wrote:
> > I opened up TCP port 9443 on my hosting firewall (previously only UDP
> > was open) and:
> [...]
> > With the TCP port open I can ping the server from the client with
> > WireGuard up:
> 
> That doesn't make sense to me - it sounds like your hosting firewall
> is not doing what you think it is doing (there shouldn't be any TCP
> traffic on port 9443 for wireguard).

I disabled the firewall entirely and saw no change. At least we can
rule that out.

I'm not sure what I did (or did wrong last time) but now I can't ping
the server (10.2.0.1) from the client (10.2.0.42) with wireguard up.
All request timeouts.

> Could you maybe run tcpdump on both ends and check that you see the
> same UDP traffic on both ends?

Server:

	# tcpdump -i wg0 udp port 9443

Nothing, and client:

	# tcpdump -i utun4 udp port 9443

Nothing.

Appreciate the effort though!