UDM Pro 2.x Wireguard VPN Server

[homebrandcola]

Hi,
I have updated to 2.x on an UDM Pro and been having issues with the Wireguard VPN Server running on it since. I think this is somehow related to the introduction of Teleport using wg natively.

I previously had WG working fine but it stopped after the 2.x update.

I ended up doing a factory reset and reconfiguring everything from scratch.

Moved to using wireguard-go with podman.
(Edit: also tried running everything natively, using the built in wg)

I can successfully get a client to connect, I can see the handshake and the IP of the client - but zero traffic makes it to the client.

tcpdump on wg0 (and other interfaces) on the UDM shows traffic from the VPN client going to things (like DNS server running on pi hole) - but zero traffic getting back to the clients.

I can see DNS queries in pi hole from VPN clients, showing it received traffic.

I've been staring at iptables rules and terminals all day and can't work it out for the life of me.

Enabling / Disabling Teleport makes no difference.

Good news is I can use Teleport as a VPN server for my phone - but can't for any other device ("macOS support coming", and zero support for Windows).

Any ideas?

Thanks.