Hello!
After some testing with Network Manager, I have found out that if the wireguard configuration contains a primary DNS in IPv6 format, the VPN won't work. You will be able to connect to PiHole dashboard, but you won't be able to browse the internet, because the DNS, for some reason, is not handled properly.
I am quite confident this is an issue with NM-Wireguard-Plugin. The reason why I am saying this is because if the connection to the VPN is imported manually through nmcli connection import type wireguard file <wg-config-file>
the VPN works fine. However, if the connection is imported through the command line, it won't be visible through NetworkManager GUI: no managing of the connection will be possible.
Given that NM-Wireguard-Plugin has not been updated in 7 months, it's unlikely to see an update now. So, I see only 2 solutions possible
Solution 1: Switch to IPv4 DNS in Wireguard config. That will do the trick and can even be done when creating the WG configuration on GCP. Basically, do not use IPv6 DNS.
Solution 2: Live with the problem. The plugin to handle Wireguard configuration graphically is not 100% reliable and can't handle IPv6 DNS. So, instead of importing WG config through NM GUI, just use nmcli
. Be aware that, by default, the VPN connection will be activated automatically regardless of which WiFi network you are connected to. Also, unless you go specifically look for the VPN connection, it will be completely transparent to you and won't notice it.