I have a vanilla wireguard configuration - a cloud VPS running Centos stream is the server, and the clients in question are MacOS and an iOS iphone.
Often when attempting to connect after a long period of not using the VPN, there's no issue and the connection is established immediately.
If I disconnect and then try to reconnect, this is typically when things go wrong. I will either get:
- Data Sent: 148b, with occassional increments in tiny byte of data sent (connection attempts) with NO Data Received.
- An immediate, unending flood of data, either in Data Sent or Data Received (about 10MB / sec, which continues in perpetuity until I terminate the connection)
In either scenario, the connection is not successful, and I cannot connect to anything on the network. I either walk away and try later, or try to disconnect+reconnect 10-20 times until eventually I see a "normal" value in Data Received, and then I know the connection is actually established.
I've ruled out the router, and anything hops in between, because this happens on my private wifi, various public wifi, and on cellular. And this is extra perplexing since this also happens on multiple devices (MacOS + iOS).
As an example, one of the client configs looks like this:
[Interface]
PrivateKey = <masked>
Address = 10.7.0.4/24
DNS = <masked>
[Peer]
PublicKey = <masked>
PresharedKey = <masked>
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = <masked>:51820
PersistentKeepalive = 25
The only change I've observed that seems to help is limiting the AllowedIPs to a specific network range, instead of everything. That doesn't help though, as this tunnel is meant to transport all traffic.
