@thomas_l 

Hi,

I don't know if the VLAN ID could cause this problem.

However, it has been discovered on a couple of router models that having "DNS Privacy" set to DoT or DoH can cause the issue you described. So, you might want to check that and if applicable, set "DNS Privacy" to None for the time being.
 

  @woozle Hi,

Thank you for the suggestion. I have just tested with DNS privacy disabled but the issue persists so the issue is elsewhere. 

  @thomas_l 

I am going to add more context so hopefully the issue can be understood better. 

The client device cannot access the internet while connected to the wireguard server despite the wireguard settings being home and internet.

Below you can see an attmped google search that will never work

but if I enter the routers IP address I can access the router.

  @Joseph-TP 

Hi, Any updates on this case? I forgot to tag you in the last message, was there information in there that was helpful? 

  @Joseph-TP 

1).

Below is my network topology. 

2).

Current WAN IP:

3).

Wireguard conf file:

[Interface]

PrivateKey = [REDACTED]
Address = 10.5.5.2/32
DNS = 10.5.5.1

[Peer]
PublicKey = J9ILLPW87Mpimu3Fhs/GnVuFU/k1qTJqDJnVTE6gKnI=
AllowedIPs = 0.0.0.0/0
Endpoint = 84.71.137.32:51820
PersistentKeepalive = 25

4).

Wireguard log:
 

2025-05-09 16:54:15.259369: [APP] App version: 1.0.16 (27)
2025-05-09 16:54:50.647545: [APP] startActivation: Entering (tunnel: mytunnel)
2025-05-09 16:54:50.649475: [APP] startActivation: Starting tunnel
2025-05-09 16:54:50.650010: [APP] startActivation: Success
2025-05-09 16:54:50.660692: [APP] Tunnel 'mytunnel' connection status changed to 'connecting'
2025-05-09 16:54:50.760460: [NET] App version: 1.0.16 (27)
2025-05-09 16:54:50.760628: [NET] Starting tunnel from the app
2025-05-09 16:54:50.850453: [NET] DNS64: mapped 84.71.137.32 to 64:ff9b::5447:8920
2025-05-09 16:54:50.850727: [NET] Attaching to interface
2025-05-09 16:54:50.850982: [NET] UAPI: Updating private key
2025-05-09 16:54:50.851056: [NET] UAPI: Removing all peers
2025-05-09 16:54:50.851138: [NET] peer(J9IL…gKnI) - UAPI: Created
2025-05-09 16:54:50.851151: [NET] peer(J9IL…gKnI) - UAPI: Updating endpoint
2025-05-09 16:54:50.851203: [NET] peer(J9IL…gKnI) - UAPI: Updating persistent keepalive interval
2025-05-09 16:54:50.851226: [NET] peer(J9IL…gKnI) - UAPI: Removing all allowedips
2025-05-09 16:54:50.851238: [NET] Routine: encryption worker 1 - started
2025-05-09 16:54:50.851244: [NET] Routine: decryption worker 4 - started
2025-05-09 16:54:50.851247: [NET] Routine: encryption worker 3 - started
2025-05-09 16:54:50.851254: [NET] Routine: decryption worker 1 - started
2025-05-09 16:54:50.851272: [NET] Routine: handshake worker 1 - started
2025-05-09 16:54:50.851269: [NET] Routine: decryption worker 3 - started
2025-05-09 16:54:50.851312: [NET] Routine: encryption worker 2 - started
2025-05-09 16:54:50.851318: [NET] Routine: handshake worker 5 - started
2025-05-09 16:54:50.851321: [NET] Routine: decryption worker 6 - started
2025-05-09 16:54:50.851322: [NET] peer(J9IL…gKnI) - UAPI: Adding allowedip
2025-05-09 16:54:50.851368: [NET] Routine: handshake worker 4 - started
2025-05-09 16:54:50.851380: [NET] Routine: handshake worker 3 - started
2025-05-09 16:54:50.851385: [NET] Routine: encryption worker 5 - started
2025-05-09 16:54:50.851407: [NET] Routine: encryption worker 4 - started
2025-05-09 16:54:50.851415: [NET] Routine: encryption worker 6 - started
2025-05-09 16:54:50.851419: [NET] Routine: handshake worker 6 - started
2025-05-09 16:54:50.851453: [NET] Routine: decryption worker 5 - started
2025-05-09 16:54:50.851459: [NET] Routine: event worker - started
2025-05-09 16:54:50.851471: [NET] Routine: decryption worker 2 - started
2025-05-09 16:54:50.851494: [NET] Routine: handshake worker 2 - started
2025-05-09 16:54:50.851496: [NET] Routine: TUN reader - started
2025-05-09 16:54:50.851626: [NET] UDP bind has been updated
2025-05-09 16:54:50.851643: [NET] peer(J9IL…gKnI) - Starting
2025-05-09 16:54:50.851678: [NET] peer(J9IL…gKnI) - Sending keepalive packet
2025-05-09 16:54:50.851685: [NET] peer(J9IL…gKnI) - Routine: sequential sender - started
2025-05-09 16:54:50.851691: [NET] Routine: receive incoming v4 - started
2025-05-09 16:54:50.851696: [NET] Routine: receive incoming v6 - started
2025-05-09 16:54:50.851705: [NET] peer(J9IL…gKnI) - Sending handshake initiation
2025-05-09 16:54:50.851861: [NET] peer(J9IL…gKnI) - Routine: sequential receiver - started
2025-05-09 16:54:50.852048: [NET] Interface state was Down, requested Up, now Up
2025-05-09 16:54:50.852067: [NET] Device started
2025-05-09 16:54:50.852128: [NET] Tunnel interface is utun5
2025-05-09 16:54:50.852254: [NET] Network change detected with satisfied route and interface order [pdp_ip0]
2025-05-09 16:54:50.852378: [NET] DNS64: mapped 84.71.137.32 to 64:ff9b::5447:8920
2025-05-09 16:54:50.852397: [NET] peer(J9IL…gKnI) - UAPI: Updating endpoint
2025-05-09 16:54:50.852522: [NET] Routine: receive incoming v4 - stopped
2025-05-09 16:54:50.852620: [NET] Routine: receive incoming v6 - stopped
2025-05-09 16:54:50.852683: [APP] Tunnel 'mytunnel' connection status changed to 'connected'
2025-05-09 16:54:50.852734: [NET] UDP bind has been updated
2025-05-09 16:54:50.852744: [NET] Routine: receive incoming v4 - started
2025-05-09 16:54:50.852767: [NET] Routine: receive incoming v6 - started
2025-05-09 16:54:50.896894: [NET] peer(J9IL…gKnI) - Received handshake response
2025-05-09 16:54:50.934894: [NET] peer(J9IL…gKnI) - Receiving keepalive packet
2025-05-09 16:54:50.940566: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun5]
2025-05-09 16:54:50.941402: [NET] DNS64: mapped 84.71.137.32 to 64:ff9b::5447:8920
2025-05-09 16:54:50.941624: [NET] peer(J9IL…gKnI) - UAPI: Updating endpoint
2025-05-09 16:54:50.941916: [NET] Routine: receive incoming v4 - stopped
2025-05-09 16:54:50.942022: [NET] Routine: receive incoming v6 - stopped
2025-05-09 16:54:50.942505: [NET] UDP bind has been updated
2025-05-09 16:54:50.942778: [NET] peer(J9IL…gKnI) - Sending keepalive packet
2025-05-09 16:54:50.942891: [NET] Routine: receive incoming v4 - started
2025-05-09 16:54:50.943077: [NET] Routine: receive incoming v6 - started
2025-05-09 16:54:51.537770: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun5]
2025-05-09 16:54:51.538721: [NET] DNS64: mapped 84.71.137.32 to 64:ff9b::5447:8920
2025-05-09 16:54:51.539020: [NET] peer(J9IL…gKnI) - UAPI: Updating endpoint
2025-05-09 16:54:51.539345: [NET] Routine: receive incoming v4 - stopped
2025-05-09 16:54:51.539498: [NET] Routine: receive incoming v6 - stopped
2025-05-09 16:54:51.539897: [NET] UDP bind has been updated
2025-05-09 16:54:51.539961: [NET] Routine: receive incoming v4 - started
2025-05-09 16:54:51.540012: [NET] Routine: receive incoming v6 - started
2025-05-09 16:54:51.540029: [NET] peer(J9IL…gKnI) - Sending keepalive packet
2025-05-09 16:54:55.650849: [APP] Status update notification timeout for tunnel 'mytunnel'. Tunnel status is now 'connected'.
2025-05-09 16:55:19.825489: [APP] startDeactivation: Tunnel: mytunnel
2025-05-09 16:55:19.829540: [APP] Tunnel 'mytunnel' connection status changed to 'disconnecting'
2025-05-09 16:55:19.972133: [NET] Network change detected with satisfied route and interface order [pdp_ip0]
2025-05-09 16:55:19.973977: [NET] DNS64: mapped 84.71.137.32 to 64:ff9b::5447:8920
2025-05-09 16:55:19.974390: [NET] peer(J9IL…gKnI) - UAPI: Updating endpoint
2025-05-09 16:55:19.974749: [NET] Routine: receive incoming v4 - stopped
2025-05-09 16:55:19.975018: [NET] Routine: receive incoming v6 - stopped
2025-05-09 16:55:19.975532: [NET] Routine: receive incoming v4 - started
2025-05-09 16:55:19.975557: [NET] UDP bind has been updated
2025-05-09 16:55:19.975596: [NET] peer(J9IL…gKnI) - Sending keepalive packet
2025-05-09 16:55:19.975727: [NET] Routine: receive incoming v6 - started
2025-05-09 16:55:20.140259: [NET] Stopping tunnel
2025-05-09 16:55:20.140752: [NET] Device closing
2025-05-09 16:55:20.141217: [NET] Routine: TUN reader - stopped
2025-05-09 16:55:20.141388: [NET] Routine: event worker - stopped
2025-05-09 16:55:20.141547: [NET] Routine: receive incoming v4 - stopped
2025-05-09 16:55:20.141802: [NET] Routine: receive incoming v6 - stopped
2025-05-09 16:55:20.141959: [NET] peer(J9IL…gKnI) - Stopping
2025-05-09 16:55:20.142160: [NET] peer(J9IL…gKnI) - Routine: sequential sender - stopped
2025-05-09 16:55:20.142165: [NET] peer(J9IL…gKnI) - Routine: sequential receiver - stopped
2025-05-09 16:55:20.142309: [NET] Device closed
2025-05-09 16:55:20.142328: [NET] Routine: decryption worker 1 - stopped
2025-05-09 16:55:20.142339: [NET] Routine: handshake worker 3 - stopped
2025-05-09 16:55:20.142354: [NET] Routine: handshake worker 4 - stopped
2025-05-09 16:55:20.142358: [NET] Routine: handshake worker 6 - stopped
2025-05-09 16:55:20.142381: [NET] Routine: handshake worker 1 - stopped
2025-05-09 16:55:20.142437: [NET] Routine: decryption worker 4 - stopped
2025-05-09 16:55:20.142432: [NET] Routine: handshake worker 2 - stopped
2025-05-09 16:55:20.142431: [NET] Routine: handshake worker 5 - stopped
2025-05-09 16:55:20.142468: [NET] Routine: decryption worker 2 - stopped
2025-05-09 16:55:20.142523: [NET] Routine: decryption worker 6 - stopped
2025-05-09 16:55:20.142518: [NET] Routine: decryption worker 5 - stopped
2025-05-09 16:55:20.142589: [NET] Routine: decryption worker 3 - stopped
2025-05-09 16:55:20.142623: [NET] Routine: encryption worker 3 - stopped
2025-05-09 16:55:20.142662: [NET] Routine: encryption worker 5 - stopped
2025-05-09 16:55:20.142686: [NET] Routine: encryption worker 6 - stopped
2025-05-09 16:55:20.142730: [NET] Routine: encryption worker 4 - stopped
2025-05-09 16:55:20.142731: [NET] Routine: encryption worker 1 - stopped
2025-05-09 16:55:20.142751: [NET] Routine: encryption worker 2 - stopped
2025-05-09 16:55:20.168485: [APP] Tunnel 'mytunnel' connection status changed to 'disconnected'

  @thomas_l 

Hi,

From your screenshot of the "ThomasIphone" connection as well as from the WireGuard client log we can see that the IPv4 address of the WireGuard server ("Endpoint") is being replaced by an IPv6 address.

However, to my knowledge, the VPN servers of TP-Link routers do not support IPv6 yet.

I have googled a bit and it seems that WireGuard doesn't offer an option to stop it from automatically updating the Endpoint address.

I think what you can try is to disable IPv6 on the BE230 and then check whether the WireGuard connection starts working.

  @woozle 

Hi,

I do have ipv6 disabled on the router and when I connect a IPv4 address apears on the vpn connections page. I am connecting with my phone and my opeartor provides 464XLAT so thats where I am assuming I am getting a V4 address. I can connect to the wireguard server on my phone and access my local network but I can not access internet through the tunnel.