New WireGuard kernel module does not work with mullvad VPN

Vasily Postnicov shamaz.mazum at gmail.com
Thu Jan 21 15:38:26 UTC 2021


Hello. I tried the new module and it does not seem to work for me. I use
mullvad VPN and wireguard-go but want to replace wireguard-go with the
kernelspace implementation.

I have the following configuration:
[Interface]
PrivateKey = <private-key>
Address = 10.66.116.246/32,fc00:bbbb:bbbb:bb01::3:74f5/128
DNS = 193.138.218.74

[Peer]
PublicKey = jJVG/lv7RikDG0FMsV3WJgfot5XecPm9aHDrYvU+NAM=
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = 86.107.21.34:51820

So I tried this (12345 is just a random port, I do not have it in the
configuration):
ifconfig wg0 create private-key <private-key> listen-port 12345
ifconfig wg0 peer public-key <public-key> allowed-ips 0.0.0.0/0 allowed-ips ::0/0 endpoint 86.107.21.34:51820
ifconfig wg0 inet 10.66.116.246/32
ifconfig wg0 inet6 fc00:bbbb:bbbb:bb01::3:74f5/128

The interface goes up after the "ifconfig wg0 inet" command.
Then I add new routes just like wireguard-go does:
route -q -n add -inet6 ::/1 -interface wg0
route -q -n add -inet6 8000::/1 -interface wg0
route -q -n add -inet 0.0.0.0/1 -interface wg0
route -q -n add -inet 128.0.0.0/1 -interface wg0
route -q -n add -inet 86.107.21.34 -gateway 192.168.20.1

192.168.20.1 is just my default gateway.

I also set sysctl net.inet.ip.forwarding = 1 (some manual said so).
As a result nothing works: I can ping my gateway and the endpoint,
but nothing else. Wireshark says there are "WireGuard Handshake
Initiation" packets from re0 (my interface connected to the internet)
to the endpoint, but no responses.

What can be wrong?
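
Added example, not part of the original post: a longest-prefix-match model of the routing table the message builds, showing why the two /1 routes capture all traffic without replacing the default route and why the /32 host route keeps encrypted packets to the endpoint out of the tunnel. The default route entry and the 192.168.20.0/24 connected network on re0 are assumptions; the post only gives the gateway address and the interface name.

```python
import ipaddress

# Routes from the post as (prefix, next hop). Rows marked "assumed" are not in the post.
ROUTES = [
    ("0.0.0.0/0", "192.168.20.1"),        # assumed: pre-existing default route
    ("192.168.20.0/24", "re0"),           # assumed: connected LAN, prefix length guessed
    ("0.0.0.0/1", "wg0"),
    ("128.0.0.0/1", "wg0"),
    ("86.107.21.34/32", "192.168.20.1"),  # endpoint pinned to the physical gateway
    ("::/1", "wg0"),
    ("8000::/1", "wg0"),
]
ENDPOINT = "86.107.21.34"


def lookup(dest, routes):
    """Return (prefix, next_hop) of the most specific matching route, or None."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if net.version != addr.version or addr not in net:
            continue
        if best is None or net.prefixlen > best[0].prefixlen:
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None


def endpoint_loops(endpoint, routes, tunnel_if="wg0"):
    """True if encrypted packets to the endpoint would be routed back into the tunnel."""
    hit = lookup(endpoint, routes)
    return hit is not None and hit[1] == tunnel_if


if __name__ == "__main__":
    # Endpoint, DNS server from the config, the gateway, and a documentation IPv6 address.
    for dest in (ENDPOINT, "193.138.218.74", "192.168.20.1", "2001:db8::1"):
        print(f"{dest:>16} -> {lookup(dest, ROUTES)}")
    print("endpoint loops into wg0:", endpoint_loops(ENDPOINT, ROUTES))
    no_pin = [r for r in ROUTES if r[0] != "86.107.21.34/32"]
    print("without the /32 route:  ", endpoint_loops(ENDPOINT, no_pin))
```

With the routes as posted, the endpoint resolves to the physical gateway, which matches the handshake initiations seen leaving re0.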

