I have the following setup:
1 VyOS 1.3 and 2 WireGuard peers.
The main WG server has the IP 192.168.110.254.
The peers have the IPs 192.168.110.1 and 192.168.110.5.
The WG config on the .254 is:
vyos@vyos# show interfaces wireguard wg0
 address 192.168.99.1/24
 peer client2 {
     allowed-ips 0.0.0.0/0
     persistent-keepalive 20
     pubkey TD/hplu0Xo4scK0jrNXPGRaOXw6dicF/6TWuF5bLqTQ=
 }
 peer mullvad {
     allowed-ips 0.0.0.0/0
     persistent-keepalive 10
     pubkey Pookh06aS25jss/zX5aUcnsDtR3qwj30Xnh6F9Gn5hA=
 }
 port 51820
 private-key t_test1
And the summary of the WG interface is:
vyos@vyos# run show interfaces wireguard wg0 summary
interface: wg0
  public key: y3x54xJY4kuJ8N54CqK5yrNmOLypQxrm1zbwr3KM/GY=
  private key: (hidden)
  listening port: 51820

peer: TD/hplu0Xo4scK0jrNXPGRaOXw6dicF/6TWuF5bLqTQ=
  endpoint: 192.168.110.5:58784
  allowed ips: (none)
  latest handshake: 3 seconds ago
  transfer: 1.28 KiB received, 308 B sent
  persistent keepalive: every 20 seconds

peer: Pookh06aS25jss/zX5aUcnsDtR3qwj30Xnh6F9Gn5hA=
  endpoint: 192.168.110.1:13231
  allowed ips: 0.0.0.0/0
  latest handshake: 53 seconds ago
  transfer: 6.57 KiB received, 5.33 KiB sent
  persistent keepalive: every 10 seconds

peer: EiMmRBXdwkEzpDaNOkMieNsu30MXpN3vszdBCWM5VH0=
  allowed ips: (none)
  persistent keepalive: every 10 seconds
[edit]
As you can see, the peers are connected, but in the summary there is only one peer that is allowed 0.0.0.0/0.
Another issue is that despite the fact that I removed one peer, it is still present.
I think this is a bug since on plain Debian and other Linux and routing systems I am able to set this up properly.
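
Added example, not part of the original post: a small check that models how WireGuard's allowed-ips table keeps a single owning peer per identical prefix, run over the wg0 configuration shown above (trimmed to the relevant keys). It assumes peers are applied in the order they are listed; the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the post's wg0 config, trimmed to peers and allowed-ips.
SAMPLE_CONFIG = """\
address 192.168.99.1/24
peer client2 {
    allowed-ips 0.0.0.0/0
}
peer mullvad {
    allowed-ips 0.0.0.0/0
}
port 51820
"""

def parse_peers(config):
    """Return [(peer_name, [ip_network, ...]), ...] in configuration order."""
    peers, current = [], None
    for line in config.splitlines():
        line = line.strip()
        m = re.match(r"peer\s+(\S+)\s*\{$", line)
        if m:
            current = (m.group(1), [])
            peers.append(current)
        elif line == "}":
            current = None
        elif current and line.startswith("allowed-ips"):
            for net in line.split()[1:]:
                current[1].append(ipaddress.ip_network(net, strict=False))
    return peers

def effective_allowed_ips(peers):
    """Model one owner per prefix: a later peer takes over an identical prefix."""
    owner, conflicts = {}, []
    for name, nets in peers:  # assumption: applied in listed order
        for net in nets:
            if net in owner and owner[net] != name:
                conflicts.append((str(net), owner[net], name))
            owner[net] = name
    result = {name: [] for name, _ in peers}
    for net, name in owner.items():
        result[name].append(str(net))
    return result, conflicts

if __name__ == "__main__":
    table, conflicts = effective_allowed_ips(parse_peers(SAMPLE_CONFIG))
    for net, loser, winner in conflicts:
        print(f"{net}: configured on {loser} and {winner}; only {winner} keeps it")
    print(table)
```

Only identical prefixes collide this way; different prefixes that merely overlap (for example 0.0.0.0/0 on one peer and 10.0.0.0/8 on another) can coexist, with the longest match selecting the peer.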