I have a home VPN server set up on a Debian box that chills behind an OpenWRT router, forwarding traffic for my devices and letting them have local access to all my home services. There are currently three peers in this VPN subnet, and they connect as follows:
- Arch Linux laptop: Connects fine with a modified MTU under NetworkManager.
- Android Pixel 7: Connects great with the Android WireGuard app.
- iOS iPhone 14: Only connects when on the local network, but doesn't forward internet requests. If on data, the handshakes don't even make it to the router.
The settings on the iPhone are the same as the Android. From there I have tried:
- Fiddling with the MTU
- Specifying a DNS server
- Using Passepartout (same results)
- Changing the endpoint to use IPv6
- Adding the VPN server as one of the allowed IPs alongside 0.0.0.0/0, ::/0
I've run tcpdump on both the server and the router and have noticed a couple of things:
- On home wifi, the iPhone is reachable by the server, pings and all.
- On data, the router doesn't show any traffic reaching the WAN interface. It's like the iPhone isn't even routing the handshake properly.
- If I resolve my home IP address in a browser on the iPhone, the WireGuard connection will come up on data, but only temporarily.
It's almost like WireGuard isn't using the outgoing interface on the phone. I don't know, I'm reaching the edge of what I could possibly do to troubleshoot the issue. I'm hoping someone can read this and point out some apt thing I haven't considered.