- **Save** the rule, and then click **Apply Changes**
..Note::
By setting the Wireguard Interface MTU to 1420 and the MSS to 1360, you ensure that IPv4 and IPv6 can pass through the Wireguard tunnel without being fragmented. Otherwise you could get working ICMP and UDP, but some encrypted TCP sessions will refuse to work. It will also improve your maximum throughput.
By setting the Wireguard Interface MTU to 1420 (IPv6 header 40 bytes + Wireguard header 40 bytes) and the MSS to 1360 (IPv6 header 40 bytes + TCP header 20 bytes), you ensure that IPv4 and IPv6 packets can pass through the Wireguard tunnel without being fragmented. Otherwise some encrypted TCP sessions - especially ssh and https - will refuse to work.