Problem with VPN Server Wireguard

I am recently experiencing some problems configuring a vpn server on my gl.inet opal device
I use my device in ethernet mode
and in the wan port of my opal device i connected my isp's router brand ZTE

of course i configured in my isp's router port forwaring with port 51820 to use wireguard

obviously the main router and the gl.inet device have different ip classes

the gateway on my isp's router is 192.168.0.1/24 and opal in the network takes ip address 192.168.0.8, then internally on the gl.inet device i have class 192.168.8.1/24

the open port in the isp router is on address 192.168.0.8

i have subsequently configured wireguard server in a regular way as also shown in the instructions and enabled the Allow remote LAN access feature

but still the vpn doesn't work in any way

in the wireguard logs I don't see anything strange
Wed Jun 25 18:01:30 2025 user.notice relay: Reloading relay due to ifdown of wgserver ()
Wed Jun 25 18:01:32 2025 daemon.notice netifd: Interface 'wgserver' is setting up now
Wed Jun 25 18:01:33 2025 kern.info kernel: [ 8509.122983] IPv6: ADDRCONF(NETDEV_UP): wgserver: link is not ready
Wed Jun 25 18:01:33 2025 daemon.notice netifd: Interface 'wgserver' is now up
Wed Jun 25 18:01:33 2025 daemon.notice netifd: Network device 'wgserver' link is up
Wed Jun 25 18:01:34 2025 user.notice mwan3[15351]: Execute ifup event on interface wgserver (wgserver)
Wed Jun 25 18:01:34 2025 user.notice mwan3[15351]: Starting tracker on interface wgserver (wgserver)
Wed Jun 25 18:01:38 2025 user.notice firewall: Reloading firewall due to ifup of wgserver (wgserver)
Wed Jun 25 18:01:39 2025 user.notice relay: Reloading relay due to ifup of wgserver (wgserver)
Wed Jun 25 18:02:16 2025 daemon.notice netifd: Network device 'wgserver' link is down
Wed Jun 25 18:02:16 2025 daemon.notice netifd: Interface 'wgserver' is now down
Wed Jun 25 18:02:17 2025 user.notice mwan3[16540]: Execute ifdown event on interface wgserver (unknown)
Wed Jun 25 18:02:18 2025 user.notice firewall: Reloading firewall due to ifdown of wgserver ()
Wed Jun 25 18:02:19 2025 user.notice relay: Reloading relay due to ifdown of wgserver ()
Wed Jun 25 19:22:47 2025 daemon.notice netifd: Interface 'wgserver' is setting up now
Wed Jun 25 19:22:47 2025 kern.info kernel: [13383.276795] IPv6: ADDRCONF(NETDEV_UP): wgserver: link is not ready
Wed Jun 25 19:22:47 2025 daemon.notice netifd: Interface 'wgserver' is now up
Wed Jun 25 19:22:47 2025 daemon.notice netifd: Network device 'wgserver' link is up
Wed Jun 25 19:22:48 2025 user.notice mwan3[20365]: Execute ifup event on interface wgserver (wgserver)
Wed Jun 25 19:22:49 2025 user.notice mwan3[20365]: Starting tracker on interface wgserver (wgserver)

I think it's a problem of interface configuration or firewall

image923×604 44.9 KB

Is it configured correctly ?

At the configuration level on luci I haven't touched any other firewall rules so I don't know

Has anyone encountered the following problem and can give me advice on how to solve it? I even tried configuring wg on a different port for fear that my isp's router would block the following port but still nothing

i ask for your help because i dont know how to proceed anymore if needed i can provide more detailed troubleshooting details

image650×238 8.77 KB

client configuration
[Interface]
Address = 10.0.0.2/24
PrivateKey = xxxx
DNS = 64.6.64.6
MTU = 1420

[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = xxx:51820
PersistentKeepalive = 25
PublicKey = xxxxx

Are you trying to use IPv6? GL.iNet routers do not support IPv6 for WireGuard at the moment.

Also, I'd recommend changing your DNS address in the client configuration to equal the WireGuard server IP (10.0.0.1).

no, I don't think so, I didn't configure ipv6 in any of my devices, I have everything in ipv4, also I also tried now to change the dns to 10.0.0.1 but the problem persists

in the logs I only see this
Wed Jun 25 19:22:47 2025 kern.info kernel: [13383.276795] IPv6: ADDRCONF(NETDEV_UP): wgserver: link is not ready
Wed Jun 25 19:22:47 2025 daemon.notice netifd: Interface 'wgserver' is now up
Wed Jun 25 19:22:47 2025 daemon.notice netifd: Network device 'wgserver' link is up
Wed Jun 25 19:22:48 2025 user.notice mwan3[20365]: Execute ifup event on interface wgserver (wgserver)
Wed Jun 25 19:22:49 2025 user.notice mwan3[20365]: Starting tracker on interface wgserver (wgserver)
Wed Jun 25 19:22:52 2025 user.notice firewall: Reloading firewall due to ifup of wgserver (wgserver)
Wed Jun 25 19:22:53 2025 user.notice relay: Reloading relay due to ifup of wgserver (wgserver)
Wed Jun 25 19:31:03 2025 daemon.notice netifd: Network device 'wgserver' link is down
Wed Jun 25 19:31:03 2025 daemon.notice netifd: Interface 'wgserver' is now down
Wed Jun 25 19:31:04 2025 user.notice mwan3[30735]: Execute ifdown event on interface wgserver (unknown)
Wed Jun 25 19:31:05 2025 user.notice firewall: Reloading firewall due to ifdown of wgserver ()
Wed Jun 25 19:31:06 2025 user.notice relay: Reloading relay due to ifdown of wgserver ()
Wed Jun 25 19:45:52 2025 daemon.notice netifd: Interface 'wgserver' is setting up now
Wed Jun 25 19:45:52 2025 kern.info kernel: [14768.342528] IPv6: ADDRCONF(NETDEV_UP): wgserver: link is not ready
Wed Jun 25 19:45:52 2025 daemon.notice netifd: Interface 'wgserver' is now up
Wed Jun 25 19:45:52 2025 daemon.notice netifd: Network device 'wgserver' link is up
Wed Jun 25 19:45:53 2025 user.notice mwan3[16157]: Execute ifup event on interface wgserver (wgserver)
Wed Jun 25 19:45:54 2025 user.notice mwan3[16157]: Starting tracker on interface wgserver (wgserver)
Wed Jun 25 19:45:57 2025 user.notice firewall: Reloading firewall due to ifup of wgserver (wgserver)
Wed Jun 25 19:45:58 2025 user.notice relay: Reloading relay due to ifup of wgserver (wgserver)

I should've asked this question first, but have you verified your ISP router doesn't have CGNAT? Instructions to check are here: https://icanhazvpn.com

yes, I found out I have it thank you for helping me