I’m troubleshooting a WireGuard connectivity problem, and I’m running into a problem when trying to confirm traffic is passing when using Torch. The handshake completes, so I know the VPN client is connected, and I see traffic on the graph for the WireGuard interface under Interfaces > homevpn > Traffic. However, when I try to view this traffic using Torch, I get absolutely nothing. For reference, this is my Torch configuration:
Torch is running on the hEX S that is also managing WireGuard connections.
I solved this. The other administrator misconfigured the user’s WireGuard peer configuration by setting
allowed-addresses=192.168.60.0/24
The actual value should have been the client’s VPN IP address. For example,
allowed-addresses=192.168.60.3/32
Even though Torch operates before the firewall, if this parameter is wrong then you won’t see any traffic.
The wirguard config is predicated upon the peer for a client to be the specific IP address as noted, which differentiates from the multiple peers possible.
The peer on the client or often remote device, should be the subnet and if a router then most definitely the subnet.