I have WireGuard installed on OPNsense at home.
iPhone 13. WireGuard does work on it; I can get into the necessary systems at home.
Windows 10. WireGuard does not work to home, through the iPhone, in either case:
- Using iPhone as a non-VPN hotspot, running WireGuard on Windows. Windows can connect to anything on the internet, but WireGuard on Windows never receives a handshake back from the server.
- Running WireGuard on iPhone and not on the laptop. iPhone can reach the servers, etc., but Windows cannot.
From the OPNsense logs, it doesn’t look like the Windows laptop is getting a connection request to the WireGuard server, but I’m clueless as to why.
Hotspot does not pass the phone’s VPN connection to any devices connected to the hotspot. You would need VPN on the device.
Are you using a different PrivateKey for the phone and the laptop, or are you using the same PrivateKey for both? For my home setup, I have different PrivateKeys for each device I want to allow access in to my home network.
So frustrating. After hours of trying to get this to work with WireGuard, where the same config works on iOS but not on Windows, I switched to OpenVPN. Everything worked first try, in less than five minutes.
The latest WireGuard Windows client I could find was several years old. Methinks they stopped development just a bit too early.
For what it’s worth I’m having the same issue.
My iPhone itself can connect to WireGuard fine.
A device connected to the iPhone via personal hotspot (iPhone NOT connected to WireGuard) cannot connect to WireGuard. I see tx traffic but no rx traffic, same as you’re seeing.
I’m curious how you got OpenVPN working? I’m having the exact same issue with OpenVPN.
Okay, that’s bullet 2.
Same PrivateKey and description - basically same config entirely - on the phone and on Windows, simply because I know that config works. So I haven’t a clue why it works on one and not on the other.
That’s not necessarily true; a lot of phones can’t, but a lot can. A lot of newer Android phones have the capability to pass hotspot traffic through the VPN.
My phone is rooted and I have a firewall installed where I can pick which apps go through the VPN.
You can only have 1 device connected with a specific PrivateKey at a time. You need a separate PrivateKey to have two devices connected simultaneously. WireGuard does not operate under the traditional server-client system, choosing to focus on “peers” instead of server-client. Different peers need different keys for authentication.
iPhones do not by default, and 99% of people will not crack, which is the OP’s device. But I accept the premise that not all do and some Androids can.
Right. I don’t think that’s the issue; I’m disconnecting the iPhone WireGuard before starting the Windows WireGuard.
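
An added example, not part of the thread: a Python check for the condition raised in the reply about each peer needing its own PrivateKey. It scans a set of client configs and reports which files share an `[Interface]` PrivateKey or Address; the file names, addresses, endpoint and placeholder keys are constructed for illustration.

```python
import configparser
from collections import defaultdict

# Constructed client configs. Keys are placeholders, not real key material.
TEMPLATE = """[Interface]
PrivateKey = {key}
Address = {addr}

[Peer]
PublicKey = <PLACEHOLDER-SERVER-PUBLIC-KEY>
Endpoint = vpn.example.net:51820
AllowedIPs = 0.0.0.0/0
"""
SAMPLE_CONFIGS = {
    "iphone.conf": TEMPLATE.format(key="<PLACEHOLDER-KEY-A>", addr="10.10.10.2/32"),
    "laptop.conf": TEMPLATE.format(key="<PLACEHOLDER-KEY-A>", addr="10.10.10.2/32"),
    "tablet.conf": TEMPLATE.format(key="<PLACEHOLDER-KEY-B>", addr="10.10.10.3/32"),
}

def interface_settings(text):
    """Return (PrivateKey, [addresses]) from a wg-quick style config."""
    # strict=False tolerates repeated [Peer] sections; interpolation is off
    # so a '%' in a value is not treated specially.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    iface = cp["Interface"]
    addrs = [a.strip().split("/")[0] for a in iface.get("Address", "").split(",")]
    return iface.get("PrivateKey", "").strip(), [a for a in addrs if a]

def find_shared(configs):
    """Group config names by key and by tunnel address; return only the clashes.
    Key material is never returned, only the names of the files that share it."""
    by_key, by_addr = defaultdict(list), defaultdict(list)
    for name, text in configs.items():
        key, addrs = interface_settings(text)
        if key:
            by_key[key].append(name)
        for addr in addrs:
            by_addr[addr].append(name)
    shared_keys = sorted(sorted(names) for names in by_key.values() if len(names) > 1)
    shared_addrs = {a: sorted(n) for a, n in by_addr.items() if len(n) > 1}
    return shared_keys, shared_addrs

if __name__ == "__main__":
    keys, addrs = find_shared(SAMPLE_CONFIGS)
    for names in keys:
        print("same PrivateKey:", ", ".join(names))
    for addr, names in addrs.items():
        print("same Address", addr + ":", ", ".join(names))
```

Devices that share a key appear to the other end as a single peer, so the report lists file names only and never echoes the key itself.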