This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 51%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
I have set up a Wireguard server in Azure VM. Wireguard client in Mango router connecting to it works perfectly.
However, I have tried to forward port 44158 both on the server side and my router client side but https://portchecker.co/
returns the public IP port 44158 is closed.
I can confirm that the port forward on my client side is working because when the same router, this time using OpenVPN client, connects
to my other Azure OpenVPN server, PortChecker returns the other public IP port 44158 is open. As such, the Wireguard port
forward issue is on the Azure Wireguard server side.
In the Azure VM running Wireguard server, here are the relevant IPs:
eth0 (Private IP or VM interface IP) = 10.1.0.4
wg0 (Server’s VPN IP) = 10.7.0.1
allowed IPs (Client's VPN IP) = 10.7.0.2
And here are the response to command "sudo iptables -L -n -t nat" in ssh
root@Wireguard:~# sudo iptables -L -n -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:44158 to:10.7.0.2:44158
DNAT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:44158 to:10.7.0.2
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 10.7.0.0/24 !10.7.0.0/24 to:10.1.0.4
SNAT all -- 10.7.0.0/24 !10.7.0.0/24 to:10.1.0.4
SNAT tcp -- 0.0.0.0/0 10.7.0.2 tcp dpt:44158 to:10.7.0.1
SNAT all -- 10.7.0.0/24 !10.7.0.0/24 to:10.1.0.4
SNAT all -- 10.7.0.0/24 !10.7.0.0/24 to:10.1.0.4
SNAT all -- 10.7.0.0/24 !10.7.0.0/24 to:10.1.0.4
SNAT all -- 10.7.0.0/24 !10.7.0.0/24 to:10.1.0.4
Could someone kindly check what is wrong in the iptables and how can I correctly do port forward in
Azure Wireguard server?
Oh, sorry! My bad.
The port forward is actually working. I later discovered that the router OpenVPN client port forward rule
cannot be re-used with Wireguard server. After I added a new Wireguard client port forward rule in router,
it is now working.
Hello @Daniel ,
Thank you for providing an update on the solution.
----------------------------------------------------------------------------------------------------------------
Please "Accept your answer" as this will help us and others in the community as well.
Refer : How to accept an answer in Q&A.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 75%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMG%3C/text%3E%3C/svg%3E)
@Daniel could you please share with me the rules? Many thanks in advanced