I’ve hit a wall with a weird WireGuard issue. I’m trying to connect my phone (over cell) to my home router using WireGuard and it will not connect.

  • The keys are all correct.
  • The IPs are all correct.
  • The ports are open on the firewall.
  • My router has a public IP, no CGNAT.

The router is OPNsense. I have a tcpdump session going, and when I attempt a connection from the phone I see 0 packets on that port. I am able to ping the router and reach the web server sitting behind it from the phone.

I have a VPS that I configured WG on and the phone connects fine to that. I also tested configuring the VPS to connect to my home router and that also works fine.

I’m really at a loss as to where to go next.

Edit 2: I completely blew out the config on both sides and rebuilt it from scratch, using a different UDP port, and it all appears to be working now. Thanks for everyone’s help in tracking this down.

Edit: It was requested I provide my configs.


[Interface]
# Interface settings, not used by `wg`             #
# Only used for reference and detection of changes #
# in the configuration                             #
# Address =
# DNS =
# MTU =
# disableroutes = 0
# gateway =

PrivateKey = 
ListenPort = 51821

[Peer]
# friendly_name = note20
PublicKey = 
AllowedIPs =


[Interface]
Address =
PrivateKey = 

[Peer]
AllowedIPs =
Endpoint = :51821
PublicKey = 
  • taaz@biglemmowski.win
    10 months ago

    Yeah I would probably try if the phone can actually access anything on that port.

    On router: netcat -vvvl 51820
    On phone: http://router_ip:51820

    The browser will fail opening it but on router you should see the first incoming HTTP GET packet.
    Or one could run a local shell on the phone (assuming android) and try netcat too.

    (or this HTTP server one-liner, python3 -m http.server, can be used instead of netcat)

    • I have a network tools app that lets me test arbitrary ports and I do see those packets on a tcpdump, but this app (and your suggestions above) are all TCP while WireGuard listens on UDP. I haven’t come up with a way to test UDP from the phone yet.

      • taaz@biglemmowski.win
        10 months ago

        Netcat can do UDP with the -u flag. To get netcat on the phone (Android), you could try a local shell (the ConnectBot app can do it) and try calling the local netcat (nc, though it’s a simple busybox implementation so it might not have all the features). Not sure if it would let you send UDP just like that.
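
An added example, not part of the thread: a small UDP echo listener and probe in Python for the test the last comments are reaching for, since the TCP checks above say nothing about whether UDP datagrams arrive. It assumes Python 3 is available on both ends, defaults to port 51821 from the posted config, and uses illustrative function names; run the listener on a port WireGuard is not currently bound to.

```python
#!/usr/bin/env python3
"""UDP reachability check: echo listener (router side) and probe (client side)."""
import socket
import sys


def udp_echo_server(bind_addr="0.0.0.0", port=51821, max_packets=1, ready=None):
    """Echo up to max_packets datagrams to their senders; return the sources seen."""
    seen = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as srv:
        srv.bind((bind_addr, port))
        if ready is not None:          # optional threading.Event for callers that wait
            ready.set()
        for _ in range(max_packets):
            data, src = srv.recvfrom(2048)
            seen.append(src)           # (ip, port) as seen after any NAT in the path
            srv.sendto(data, src)      # reply so the client can confirm the return path
    return seen


def udp_probe(host, port=51821, payload=b"udp-probe", timeout=3.0, tries=3):
    """Send payload and wait for the echo. True if it came back, else False."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as cli:
        cli.settimeout(timeout)
        for _ in range(tries):         # UDP is lossy, so retry a few times
            cli.sendto(payload, (host, port))
            try:
                data, _ = cli.recvfrom(2048)
            except OSError:            # timeout or ICMP error: try again
                continue
            if data == payload:
                return True
    return False


if __name__ == "__main__":
    # Usage: listen [port]   (router side)   |   probe <host> [port]   (phone side)
    if len(sys.argv) >= 2 and sys.argv[1] == "listen":
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 51821
        print("sources seen:", udp_echo_server(port=port))
    elif len(sys.argv) >= 3 and sys.argv[1] == "probe":
        port = int(sys.argv[3]) if len(sys.argv) > 3 else 51821
        print("echo received" if udp_probe(sys.argv[2], port) else "no reply")
    else:
        sys.exit("usage: listen [port] | probe <host> [port]")
```

If the probe reports no reply while tcpdump on the router also shows nothing on that UDP port, the datagrams are being dropped before they reach the router rather than by WireGuard itself, which never answers unauthenticated packets.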