diff --git a/group_vars/all/general.yml b/group_vars/all/general.yml
index 1262fca4b..c202250a9 100644
--- a/group_vars/all/general.yml
+++ b/group_vars/all/general.yml
@@ -29,8 +29,6 @@ sysupgrade_preserve_custom_files:
 - /etc/uhttpd.key
 - /etc/dropbear/dropbear_rsa_host_key
 - /etc/dropbear/dropbear_ed25519_host_key
- - /etc/wireguard/wg.pub
- - /etc/wireguard/wg.key
 - /root/
 image_search_pattern: "*-sysupgrade.*"
diff --git a/roles/cfg_openwrt/templates/common/config/network.j2 b/roles/cfg_openwrt/templates/common/config/network.j2
index 8491f8b4c..074b19d3c 100644
--- a/roles/cfg_openwrt/templates/common/config/network.j2
+++ b/roles/cfg_openwrt/templates/common/config/network.j2
@@ -54,13 +54,12 @@ config interface 'loopback'
 {% set port = int_port + ('' if untagged else '.' + vid) %}
 {% endif %}
 {% set bridge_name = 'br-' + name %}
- {% set bridge_needed = name in wifi_networks or network.get('mesh_ap') == inventory_hostname or (role == 'corerouter' and 'tunnel_wan_ip' in network) or (role == 'corerouter' and network['role'] == 'uplink' and network.get('uplink_mode') != 'direct') %}
+ {% set bridge_needed = name in wifi_networks or network.get('mesh_ap') == inventory_hostname or (role == 'corerouter' and network['role'] == 'uplink' and network.get('uplink_mode') != 'direct') %}
 {% set port_needed = not (role == 'corerouter' and network.get('mesh_ap') == inventory_hostname) %}
 {%- if (role == 'corerouter' and network['role'] == 'mesh') or ('assignments' in network and inventory_hostname in network['assignments']) or name in wifi_networks or network.get('mesh_ap') == inventory_hostname
- or (role == 'corerouter' and 'tunnel_wan_ip' in network)
 or (role == 'corerouter' and network['role'] == 'uplink' and network.get('uplink_mode') != 'direct') %}
 config interface '{{ name }}'
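Review bot: The new `bridge_needed` line and the `{%- if` guard two lines below it still spell out the same three conditions independently (`name in wifi_networks`, the `mesh_ap == inventory_hostname` match, and the corerouter uplink with `uplink_mode != 'direct'`), which is exactly why the `tunnel_wan_ip` clause had to be deleted in two places in this hunk. Since `bridge_needed` is assigned before the guard, the guard can reuse it and the two can no longer drift apart on the next change: `{%- if (role == 'corerouter' and network['role'] == 'mesh') or ('assignments' in network and inventory_hostname in network['assignments']) or bridge_needed %}` evaluates to the same truth value as the current two-line condition. A short comment above the `set` would also help, e.g. `{# bridge for wifi networks, the host acting as mesh_ap, and corerouter uplinks that are not 'direct' (presumably bridged uplinks) #}`. The enclosing loop that defines `network`, `name` and `role` starts outside this hunk, and the hunk's trailing context appears truncated in this listing (the header announces 13 old lines but fewer are shown).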
diff --git a/roles/cfg_openwrt/templates/corerouter/config/tunnelmanager.j2 b/roles/cfg_openwrt/templates/corerouter/config/tunnelmanager.j2
deleted file mode 100644
index 13ab50791..000000000
--- a/roles/cfg_openwrt/templates/corerouter/config/tunnelmanager.j2
+++ /dev/null
@@ -1,21 +0,0 @@
-#jinja2: trim_blocks: "true", lstrip_blocks: "true"
-{% for network in networks | selectattr('tunnel_wan_ip', 'defined') %}
- {% set name = network['name'] if 'name' in network else network['role'] %}
- {% set bridge_name = 'br-' + name %}
-config tunnelmanager '{{ name }}'
- option interface '{{ (bridge_name if bridge_name | length <= 15) | mandatory('The generated inteface name exceeds the 15 characters limit of the linux kernel. Try to shorten the name to resolve this.') }}'
- option namespace '{{ network['tunnel_namespace']|default(name) }}'
- option mtu '{{ network['tunnel_mtu']|default(1280) }}'
- option uplink_ip '{{ network['tunnel_wan_ip'] }}'
- option uplink_gateway '{{ network['tunnel_wan_gw'] }}'
- option tunnel_count '{{ network['tunnel_connections']|default(2) }}'
- option tunnel_timeout '{{ network['tunnel_timeout']|default(160) }}'
- option check_interval '{{ network['tunnel_check_interval']|default(30) }}'
- option up_script '{{ network['tunnel_up_script']|default('/usr/share/tunnelman/up.sh') }}'
- option up_script_args '{{ network['tunnel_up_script_args']|default(network['tunnel_mesh_prefix_ipv4']) }} 12800 0.4'
- option down_script '{{ network['tunnel_down_script']|default('/usr/share/tunnelman/down.sh') }}'
- {% for gateway in groups['role_gateway'] | sort %}
- # {{ gateway }}
- list tunnel_endpoints '{{ hostvars[gateway]['uplink']['ipv4'] | ansible.utils.ipaddr('address') }}'
- {% endfor %}
-{% endfor %}
diff --git a/roles/cfg_openwrt/templates/corerouter/nftables.d/20-wg-maxseg-size.nft.j2 b/roles/cfg_openwrt/templates/corerouter/nftables.d/20-wg-maxseg-size.nft.j2
index b497ac9ee..a7a0ab38f 100644
--- a/roles/cfg_openwrt/templates/corerouter/nftables.d/20-wg-maxseg-size.nft.j2
+++ b/roles/cfg_openwrt/templates/corerouter/nftables.d/20-wg-maxseg-size.nft.j2
@@ -1,17 +1,3 @@
-{% if (networks | selectattr('tunnel_wan_ip', 'defined') | count > 0) %}
-{% set TCP_HEADER_SIZE = 20 %}
-{% set IPV4_HEADER_SIZE = 20 %}
-{% set IPV6_HEADER_SIZE = 40 %}
-{% set min_mtu = ([1280] + (networks | selectattr('tunnel_mtu', 'defined') | map(attribute='tunnel_mtu') | list)) | min | int %}
-{% set ipv4_mss = min_mtu - TCP_HEADER_SIZE - IPV4_HEADER_SIZE %}
-{% set ipv6_mss = min_mtu - TCP_HEADER_SIZE - IPV6_HEADER_SIZE %}
-chain wg_maxseg {
- type filter hook forward priority -1; policy accept;
- oifname "wg_*" tcp flags syn tcp option maxseg size set meta nfproto map { ipv4 : {{ ipv4_mss }}, ipv6 : {{ ipv6_mss }} }
- iifname "wg_*" tcp flags syn tcp option maxseg size set meta nfproto map { ipv4 : {{ ipv4_mss }}, ipv6 : {{ ipv6_mss }} }
-}
-{% endif %}
-
 {% if (networks | selectattr('role', 'equalto', 'tunnel') | count > 0) %}
 {% set TCP_HEADER_SIZE = 20 %}
 {% set IPV4_HEADER_SIZE = 20 %}