Wireguard クライアントが nixos でハンドシェイクを完了できない

Mar 07 12:10:16 nixos kernel: wireguard: wg0: Handshake for peer 1 (192.248.152.91:58338) did not complete after 5 seconds, retrying (try 3)
Mar 07 12:10:16 nixos kernel: wireguard: wg0: Sending handshake initiation to peer 1 (192.248.152.91:58338)

許可されたIPを別のものに設定すると機能するようです0.0.0.0。私が理解したように、Wireguard VPNを介してのみそのIPへの接続を送信できます。

  networking.firewall = {
      enable = false;
    };

  # Enable Wireguard
  networking.wireguard.interfaces = {
    wg0 = {
      ips = [ "10.66.66.2/32" ];
      listenPort = 58338; # to match firewall allowedUDPPorts (without this wg uses random port numbers)
      privateKey= "************************";

      peers = [

        {
          publicKey = "***************";
          presharedKey = "*****************";

          allowedIPs = [ "0.0.0.0/0" ];
          #allowedIPs = [ "10.66.66.1" "94.130.178.87" ];

          endpoint = "192.248.152.91:58338"; # ToDo: route to endpoint not automatically configured https://wiki.archlinux.org/index.php/WireGuard#Loop_routing https://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577

          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
          persistentKeepalive = 25;
        }
      ];
    };
  };

私はすべて読んだhttps://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577/4しかし、IPパスを追加した後もip route add 192.248.152.91 via 10.66.66.1 dev wg0動作に何の変化もないようです。

root@nixos> ip route                                                                                                ~
default dev wg0 scope link 
default via 10.0.2.2 dev eth0 proto dhcp src 10.0.2.15 metric 202 
10.0.2.0/24 dev eth0 proto dhcp scope link src 10.0.2.15 metric 202 
192.248.152.91 via 10.66.66.1 dev wg0