Hi David, I haven't seen other reports like this before, so I'm not really sure off hand.
Firstly, do the Macbook and the Thinkpad respond to pings in the first place? Modern macOS and Windows have built-in firewalls that usually prevent this. So make sure that the pings work without WireGuard part of the equation. If you've done this, and it works without WireGuard, and it doesn't work with WireGuard, then we can proceed assuming this is an issue with WireGuard. That config seems fine on a cursory glance. You mentioned that this only happens on certain phones. Which Android phones work as intended, and which do not? Which operating system versions are each of these running? The more general information about this that you can provide, the more we can narrow it down. Between Android releases, there have been subtle changes in their routing particulars, and between Android vendors, I've seen aggressive power management policies affecting WireGuard, and between Android configurations, I've seen newer features like DoH/DoT confusing the VPN subsystem too. And there may be other weird patterns and quirks too. If this really is a problem with "phone X but not phone Y," we'll need some more smells to find out what's going on. Alternatively, you can dump `ip route show table all` and `ip rule show` and `iptables-save` on each of the phones and see if you notice an obvious difference in the routing that netd sets up. That might not lead to a fix of the issue, but it might add more precision to why it's not working as intended. Jason
