I am in the setup/troubleshooting stage of a VPN server.
I have configured a WireGuard server on the Brume 2, connected to it with an iPhone, then turned off the WireGuard server. For good measure, I rebooted the Brume 2 and the VPN Dashboard shows the the VPN servers are all off.
Despite that, my iPhone indicates that it is connected to the VPN server.
This likely means that the admin UI is not accurately reporting the status of the VPN server.
So…
this is a bug.
how can I truly confirm the state of the vpn server (wireguard, in this case)?
That’s news to me. To test this, I actually unplugged the Brume 2, and then switched on the VPN in the WireGuard app on my iPhone… wouldn’t you know it but the iOS VPN panel showed I was connected. Odd.
Yup; and here’s the thing: you’re not really connected when it is properly ‘connected’ to your Burme 2. WireGuard is a ‘stateless’ protocol. When there’s no traffic actively flowing (eg: downloading a file or streaming a video, etc.), the link/tunnel stops, re-engaging only when there’s new traffic/packets to push through & encrypt or decrypt accordingly.(1)
It’s the reason most WG config files will specify a KeepAlive directive of, oh, say, 25 seconds. It lets the other WG endpoints know your endpoint still ‘alive.’ What the software on your iPhone is doing is directing/re-routing any & all traffic as it finds it through that ephemeral tunnel & listening for whenever there’s an incoming packet from that remote enpoint (Burme 2).
