1
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
Virtual private networks / Re: Wireguard Status + Handshakes - Not sure if this could be done worse?
« on: April 16, 2023, 02:04:57 am »By all means, go ahead and point out what is inaccurate in either of the first two posts.Like in the past, you have missed my point - maybe it's deliberate?
3
Virtual private networks / Re: Wireguard Status + Handshakes - Not sure if this could be done worse?
« on: April 16, 2023, 12:26:11 am »
No, BondiBlueBalls is "100 accurate". By all means make suggestions for improvement or highlight problems (preferably with ideas for solutions) - just don't be a dick about it.
4
23.1 Legacy Series / Re: WireGuard Selective Routing to External VPN Endpoint
« on: April 09, 2023, 11:39:25 pm »
Configure it so that those two PCs don't use the tunnel...
(Hopelessly general answer? Bit like the question If you want help troubleshooting why it's not working, you need to post all the relevant configs that you have set up in OPNsense using that tutorial.)
(Hopelessly general answer? Bit like the question If you want help troubleshooting why it's not working, you need to post all the relevant configs that you have set up in OPNsense using that tutorial.)
5
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 29, 2023, 11:20:07 pm »
You can do a pcap on OPNsense via the UI. Pretty easy
6
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 29, 2023, 10:14:02 pm »
Damn. Lol
This is a bit of a mystery. I can only suggest double checking the outbound NAT rule and that nothing else is interfering with it.
Have you tried turning on logging on the relevant rules and checking what's happening? Or running packet captures?
This is a bit of a mystery. I can only suggest double checking the outbound NAT rule and that nothing else is interfering with it.
Have you tried turning on logging on the relevant rules and checking what's happening? Or running packet captures?
7
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 29, 2023, 09:29:18 pm »
Is there traffic shown both ways in the Status tab?
It is normally a sure sign of an issue that there is traffic only one way.
Double checked all keys are in the right place?
It is normally a sure sign of an issue that there is traffic only one way.
Double checked all keys are in the right place?
8
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 29, 2023, 12:10:29 pm »
So I've gone through your configs and nothing seems immediately wrong.
A few questions:
- when the tunnel is up, do you see handshake and traffic up and down in the status tab for WG on OPNsense?
- can you try a gateway IP that instead of one below the tunnel address, try one above (10.14.0.3). I have a sense that 10.14.0.1 might be the tunnel endpoint IP at SurfShark. While that should still work, be good to try a unique one
- this looks like your second WG interface. No conflicts with the first one?
- to rule out DNS issues, try a traceroute from your phone to 8.8.8.8 or 1.1.1.1
- what DNS is the phone actually using? Can it reach it when the tunnel is up?
A few questions:
- when the tunnel is up, do you see handshake and traffic up and down in the status tab for WG on OPNsense?
- can you try a gateway IP that instead of one below the tunnel address, try one above (10.14.0.3). I have a sense that 10.14.0.1 might be the tunnel endpoint IP at SurfShark. While that should still work, be good to try a unique one
- this looks like your second WG interface. No conflicts with the first one?
- to rule out DNS issues, try a traceroute from your phone to 8.8.8.8 or 1.1.1.1
- what DNS is the phone actually using? Can it reach it when the tunnel is up?
9
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 28, 2023, 08:25:06 am »
You actually don't. It will be auto-assigned.
OP, I will do a closer review of your config and let you know any further thoughts I have.
Do you know the tunnel IP at the SurfShark endpoint?
OP, I will do a closer review of your config and let you know any further thoughts I have.
Do you know the tunnel IP at the SurfShark endpoint?
10
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 28, 2023, 05:45:22 am »
A traceroute from the phone would be more useful
11
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 28, 2023, 12:12:20 am »
Rather than hijacking someone else's thread, make your own post and get help there. Your issue and setup may be completely different to the OP's and you are only confusing things.
12
23.1 Legacy Series / Re: When Mullvad Wireguard VPN is turned on, no internet on non-VPN interfaces
« on: March 27, 2023, 11:32:47 pm »
I think it is pretty clear? You want certain hosts in your network to use the tunnel. What subnet are they in? Use the interface for that subnet
13
Virtual private networks / Re: Wireguard Client Issues Passing Traffic
« on: March 27, 2023, 03:54:46 pm »
OP, why are you masking the tunnel address and gateway address?
Why is the tunnel address a /16?
Have you include the correct gateway on the OPNsense local config?
Why is the tunnel address a /16?
Have you include the correct gateway on the OPNsense local config?
14
General Discussion / Re: Host on VLAN A can't ping VLAN B within same router
« on: March 26, 2023, 10:13:49 pm »
What upstream gateway is set on the VLAN interface assignments?
15
General Discussion / Re: Wiregaurd with VLAN selective routing
« on: March 26, 2023, 03:10:07 am »
Yeah, that IP is the Nord endpoint. So you are not setting a local gateway IP. Might update the guide to allow for this