Wireguard client not routing any traffic on GL-MT300N-V2

I’m trying to route all my traffic through wireguard and failing. I have tested the configuration in other devices and it works perfectly. When I click connect on the GUI it actually connects to the server and creates the routing rules but nothing else happens. No traffic goes anywhere.
My firmware version is 3.025.

root@MT300N-V2:~# wg show
Warning: one or more unrecognized netlink attributes
interface: wg0
public key: [key]
private key: (hidden)
listening port: 55176

peer: [key]
preshared key: (hidden)
endpoint: [ip]:54321
allowed ips:
transfer: 0 B received, 296 B sent
persistent keepalive: every 25 seconds

root@MT300N-V2:~# ip r dev wg0 scope link
default via dev apcli0 proto static src metric 20
[ip] via dev apcli0 dev wg0 scope link dev apcli0 proto static scope link metric 20 dev br-lan proto kernel scope link src

Can someone please assist me with this?

What I found very unfortunate with wireguard, is that it does not really give you an indication if the connection was established. What I have found as an indicator, that it is not connected if there are no bytes received.

Any “established” connection I had, had at least a few bytes received even if there was no traffic passing through.

I know this doesn’t really help, but maybe you could first start to find out, why connection is not really established.

It’s odd because I see the peer connected on the server also.

This could be, but the server is not responding, or the response is not received by the router.

Did you set the listen port or was it set automatically?

the port was set automatically

You could try setting it to the same port the server listens on 54321 as this was working on some configurations I had.

Could you post your redacted settings from the wireguard client page in the router interface.

Changing the port did not work.
Also playing with the DNS options like someone recommended in other threads is of no use.

Are the VPN policies active?
For me it worked best setting the IP of the local network outside the router as only “do not use” rule (If the router is connected directly to the internet the set “use only for” without setting any IP).

And I would have DNS set to or for testing until it runs and then take it from there.

I’m connected to a public hotspot with captive portal. It disconnects me every hour so I wrote a script to reconnect. The VPN policies are set so I can still access this portal with my script.

And the wireguard settings are functioning within that same public hotspot with another device (as a lot of public hotspots limit the open ports, which could block the tunnel)?

Yes, the same configuration is working on 2 other devices in the same network. (not at the same time)

Then I don’t have any more suggestions on what to look for.

Nevertheless, I am still assuming a connection issue rather than a routing issue as long as the received packets are 0.

You were correct. It was a connection problem.
I had written the wrong Preshared Key :frowning:
Since for some reason I could’n import the file I was copypasting from another file and pasted the wrong key. Did not notice till today.
Now it’s wrorking.
It is anyways annoying that I don’t have access to any logs so it’s really difficult to debug when there’s a problem.
Thank you for your help.

No Problem, glad it’s working.