WireGuard container (client), setting AllowedIPs in wg0.conf breaks all connections

(Using Podman)

I’m trying to set up a new custom network on docker-compose. So that didn’t work.

Eventually I traced the problem to the AllowedIPs setting. Which is a problem, because setting it to anything other than AllowedIPs = breaks connections completely, so connecting to other containers in the same host is impossible.

In fact, I tried setting it to AllowedIPs =,, which should be the same if I’m not mistaken. It also fails completely.

When it works I’m getting internet connection and a different IP. This problem also happens through the terminal and through docker-compose.

Here’s the command I used to test:

    sudo podman run \
      -e TZ=America/Santiago \
      -e PUID=1000 -e PGID=1000 \
      --sysctl net.ipv4.conf.all.src_valid_mark=1 \
      -v ./wireguard/ok.conf:/config/wg0.conf:ro \
      -v /lib/modules:/lib/modules:ro \
      --privileged \
      --restart=unless-stopped \
      -it lscr.io/linuxserver/wireguard:latest

Here’s my docker-compose (truncated to its bare essentials, it should work but the same problem happens):

    image: lscr.io/linuxserver/wireguard:latest
    container_name: borealis_wireguard
    privileged: true
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - TZ=America/Santiago
      - PUID=1000
      - PGID=1000
    restart: "unless-stopped"
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    volumes:
      - ./wireguard/ok.conf:/config/wg0.conf:ro
      - /lib/modules:/lib/modules:ro

And here’s my wg0.conf:

    # client
    [Interface]
    Address =
    PrivateKey = [redacted]

    # server
    [Peer]
    PublicKey = [redacted]
    AllowedIPs =,
    Endpoint = [redacted]:51832
    PersistentKeepAlive = 15

Did I hit a bug or is there something I could be missing?