With my older MacBook Pro lying dormant, I decided to repurpose it as a DIY home server. I’m having difficulty getting it up and running as a server. The handshake between the peer and the server completes successfully, but the connecting peer has no internet access.
The following configuration directs all traffic from my peers out through the en0 interface on my server. After tinkering with DNS, I have verified that my resolver configuration file, resolv.conf, contains accurate information.
```
❯ ifconfig en0
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	options=6460<TSO4,TSO6,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
	ether 12:7d:26:80:dd:ee
	inet 192.168.1.170 netmask 0xffffff00 broadcast 192.168.1.255
	media: autoselect
	status: active

❯ cat /usr/local/etc/wireguard/postup.sh
#!/bin/sh

# 1) This ensures our peers continue to reach the internet via their
#    WireGuard-assigned IPs while connected to the VPN. This is required
#    for their traffic to get routed correctly by the firewall
#    rules we crafted earlier with pf.
/usr/sbin/sysctl -w net.inet.ip.forwarding=1

# 2) Prepare the directory where we'll persist the pf tokens
#    generated by Step (3) & (4). That token can then be used by
#    our postdown.sh script to remove the routing rules when
#    WireGuard is shut down.
mkdir -p /usr/local/var/run/wireguard
chmod 700 /usr/local/var/run/wireguard

# 3) Dynamically add the IPv4 NAT rule, enable the firewall,
#    increase its reference count (-E), and persist the reference
#    token generated by the command into
#    pf_wireguard_ipv4_token.txt, which postdown.sh will
#    reference when WireGuard is shut down.
#    sed -E is needed so that (.*) is a capture group on BSD sed.
echo 'nat on en0 from 10.0.10.1/24 to any -> (en0)' | \
    pfctl -a com.apple/wireguard_ipv4 -Ef - 2>&1 | \
    grep 'Token' | \
    sed -E 's%Token : (.*)%\1%' > /usr/local/var/run/wireguard/pf_wireguard_ipv4_token.txt
IPV4_TOKEN=`sudo cat /usr/local/var/run/wireguard/pf_wireguard_ipv4_token.txt`
echo "Added PF IPv4 NAT traffic routing rule with token: ${IPV4_TOKEN}"

❯ cat /usr/local/etc/wireguard/coordinates.conf
[Interface]
Address = 10.0.10.1/24
ListenPort = 61820
PrivateKey = <redacted>
SaveConfig = false
MTU = 1280
#DNS = 1.1.1.1
PostUp = /usr/local/etc/wireguard/postup.sh
PostDown = /usr/local/etc/wireguard/postdown.sh

# 11: 11 > wgclient_11.conf
[Peer]
PublicKey = <redacted>
PresharedKey = <redacted>
AllowedIPs = 10.0.10.2
```
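As an added example (not part of the original post, and not the WireGuard project's or Apple's own code), the following POSIX shell script factors the token extraction from the postup.sh above into a function and adds a diagnostic that checks the things the NAT path depends on: IP forwarding, pf being enabled, the NAT rule actually being loaded in the anchor, and the token file existing so that postdown.sh can release the pf reference. The anchor name, token file path, interface and subnet are taken from the post; the function names and the constructed sample `pfctl` output in the usage comment are assumptions of mine.

```shell
#!/bin/sh
# Added example: helper and diagnostic functions for the pf/WireGuard NAT
# setup described in the post. Values below are taken from the post.
PF_ANCHOR="com.apple/wireguard_ipv4"
TOKEN_FILE="/usr/local/var/run/wireguard/pf_wireguard_ipv4_token.txt"

# extract_token: read `pfctl -E` output on stdin and print only the reference
# token, which postdown.sh later hands to `pfctl -X <token>`. The -E flag makes
# (...) a capture group on both BSD (macOS) and GNU sed.
extract_token() {
    grep 'Token' | sed -E 's%.*Token : ([0-9A-Za-z]+).*%\1%'
}

# nat_rule: build the pf NAT rule for an outbound interface and a VPN subnet.
# The parenthesised (if) form makes pf follow the interface address if it changes.
nat_rule() {
    printf 'nat on %s from %s to any -> (%s)\n' "$1" "$2" "$1"
}

# check_nat_present: given `pfctl -a ANCHOR -s nat` output on stdin, succeed (0)
# only if a NAT rule on the given interface is loaded. pf normalises the subnet
# (10.0.10.1/24 becomes 10.0.10.0/24), so only the interface is matched.
check_nat_present() {
    grep -q "^nat on $1 "
}

# diagnose: run the live checks on a macOS host. Returns 2 when pfctl is absent
# (e.g. on Linux) so the function is harmless elsewhere. Argument: interface.
diagnose() {
    command -v pfctl >/dev/null 2>&1 || return 2
    fwd=$(sysctl -n net.inet.ip.forwarding)
    [ "$fwd" = "1" ] || echo "WARN: net.inet.ip.forwarding is $fwd; peer packets will not be forwarded"
    pfctl -s info 2>/dev/null | grep -q '^Status: Enabled' || echo "WARN: pf is not enabled"
    pfctl -a "$PF_ANCHOR" -s nat 2>/dev/null | check_nat_present "$1" \
        || echo "WARN: no NAT rule on $1 loaded in anchor $PF_ANCHOR"
    [ -s "$TOKEN_FILE" ] || echo "WARN: $TOKEN_FILE missing or empty; postdown.sh cannot release the pf reference"
    return 0
}

# Usage (constructed sample input, not real pfctl output):
#   printf 'pf enabled\nToken : 12345678\n' | extract_token   -> 12345678
#   sudo sh -c '. ./wg_pf_check.sh; diagnose en0'              (on the Mac)
if [ "${1:-}" = "--run" ]; then
    diagnose "${2:-en0}"
fi
```

The point of `check_nat_present` is that `pfctl -Ef -` reports success even when the anchor is never evaluated; listing the anchor's NAT rules with `-s nat` confirms the rule pf will actually apply, which is the first thing to verify when peers handshake but get no return traffic.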
The output of `wg` shows that bytes are exchanged as soon as a peer connects to the server, yet the peer still has no internet access.
```
❯ sudo wg
interface: utun4
  public key: <>
  private key: (hidden)
  listening port: 61820

peer: <>
  preshared key: (hidden)
  endpoint: 192.168.1.254:45341
  allowed ips: 10.0.10.2/32
  latest handshake: 8 seconds ago
  transfer: 41.92 KiB received, 912 B sent

❯ ifconfig utun4
utun4: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1280
	inet 10.0.10.1 --> 10.0.10.1 netmask 0xffffff00

❯ sudo /usr/sbin/networksetup -setdnsservers Wi-Fi 1.1.1.1

❯ cat /etc/resolv.conf
#
# macOS Notice
#
# This file is not consulted for DNS hostname resolution, address
# resolution, or the DNS query routing mechanism used by most
# processes on this system.
#
# To view the DNS configuration used by this system, use:
#   scutil --dns
#
# SEE ALSO
#   dns-sd(1), scutil(8)
#
# This file is automatically generated.
#
search lan
nameserver 1.1.1.1
```

I am able to connect to the internet from the server itself, over an SSH session:

```
❯ ping google.com
PING google.com (142.250.217.110): 56 data bytes
64 bytes from 142.250.217.110: icmp_seq=0 ttl=119 time=14.757 ms
64 bytes from 142.250.217.110: icmp_seq=1 ttl=119 time=14.312 ms
^C
--- google.com ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 14.312/14.534/14.757/0.223 ms
```
I’m unsure about my approach; could someone provide guidance here? There appears to be an issue with my firewall configuration, but I’m not well-versed in setting it up on a Mac.
After experimenting with a Docker container to set up WireGuard, I encountered the same issue, prompting me to switch to a bare-metal environment.