Wireguard - VOIP

I have a GL-iNet GL-MT2500. Firmware 4.5.16. I am trying to use this to connect our internal VOIP phone system. I am attempting to use Wireguard as the VPN network, the SIP packet of 5060 is making it back and forth as the phone registers with the VOIP server. I am able to ping back and forth, I am able to ping from the main office 50.0 (Office/PFSense), 50.1 (GL Side) and 10.188 to my laptop. If I (Tom) make a call from the remote phone (VOIP) to an outside person (Cell - Dave), there is full communication and no issues. Now if Dave calls Tom, the phone rings, Tom picks up, Dave can hear Tom answer hello, but Tom cannot hear Dave. The 3 ports the VOIP server uses to communicate with the remote phone is 5060 TCP, 41000 and a random 410xx UDP picks for each call. Wireshark is showing I am receiving packets from the remote phone (as evidence Dave can hear Tom), using Wireshark, I can see the packets are making it to the remote side.

I have a working OpenVPN setup, but pfsense is telling me that the setup I'm using will be depreciated soon, so trying to setup an alternative.

Watching Wireshark on the voip server and on the remote side, I have a managed switch I can monitor what comes in and out. Now on the OpenVPN setup, The source and destination of the RTP packet shows as the VOIP server. On the Wireguard setup, the source shows up as the ip address of 50.0, the PFSense IP Address via tunnel (not the VOIP server) and the destination shows as the VOIP server.

is there a setting to turn off the "IP Translate", not sure if it's on the server or on the GL Device side.

Address =
ListenPort = 51820
PrivateKey = REMOVED
MTU = 1420

AllowedIPs =,
Endpoint = remote.myoffice.com:51820
PersistentKeepalive = 30
PublicKey = REMOVED

Any help is appreciated. Thanks in advance.

In the vpn client there is such an optioin. But not sure if this will cause other issues.

I'm using Wireguard with the GL-iNet device. The IP Masquerading option is only available via OpenVPN.

Should be available for Wireguard as well.

1 Like

It totally is:

It appears it is the opposite of what I'm looking for. According to the help, I should be making sure this setting on the server (pfsense device-server, not the GL device-client) is off, as I want the VOIP Server to identify as the 0.184 address to my client devices instead of 50.1

Screenshot 2024-06-20 at 8.15.52 AM

So finally found the answer on this. On the PFSense server, I had to turn off the IPv4 Upstream Gateway instead of following the instructions from Netgate. By turning off the IPv4 Upstream Gateway for the Wireguard Interface (setting to None), the IP address stayed to the source, and audio is working both ways.

Thanks for the help