Hi Guys,
I can't get my new WireGuard VPN setup to work. I can't see an established connection but I can't see my mistake!? Perhaps some of the WireGuard experts could help me a bit?!
1. Server setup: I have configured the following things on the OPNsense side:
(https://i.ibb.co/RNPsMck/2019-08-05-21-31-16-WAN-Rules-Firewall-OPNsense.png) (https://ibb.co/5kvSzLg)
(https://i.ibb.co/d4jV7j9/2019-08-05-21-32-47-Wire-Guard-Rules-Firewall-OPNsense.png) (https://ibb.co/v4VTDV5)
(https://i.ibb.co/fGvMPX1/2019-08-05-21-33-43-Outbound-NAT-Firewall-OPNsense.png) (https://ibb.co/tPXBWHm)
(https://i.ibb.co/h94nyT9/2019-08-05-21-34-45-Wire-Guard-VPN-OPNsense.png) (https://ibb.co/3dj87Pd)
(https://i.ibb.co/NKGSJCw/2019-08-05-21-36-06-Wire-Guard-VPN-OPNsense.png) (https://ibb.co/2dpNChX)
2. On the iPhone I have configured the following:
(https://i.ibb.co/4Pfjtjh/iphone.png) (https://ibb.co/4Pfjtjh)
Perhaps I have missed just a little? So, please help me :-)
I have read the following links:
https://forum.opnsense.org/index.php?topic=11737.0
https://forum.opnsense.org/index.php?topic=13461.0
https://genneko.github.io/playing-with-bsd/networking/freebsd-wireguard-quicklook/
the great site from mimugmail https://www.routerperformance.net/opnsense/opnsense-and-wireguard/
sash
On the iPhone allowed IPs should be 0.0.0.0/0 in order to get everything over the tunnel.
I don't think that this would be the problem. I don't get a "handshake" - and I don't find the right log to locate the problem.
Can it be a problem with the keys? Or the endpoints?
Public Key of Server and Endpoint can't be the same, this doesn't make sense.
Wooohooooo Thank you! That was it! Everything works now like a charm :)
Now I try to get AZIREVPN to work with WireGuard. I'll follow your tut at https://www.routerperformance.net/opnsense-wireguard-plugin-azirevpn/ :-) Thank you!
It's also at the official doc at docs.opnsense.org :)
The next problem in the configuration is adding a gateway, which doesn't work. I follow your tut, but I cannot create a gateway. If I click to add and fill in the fields, and then apply the settings, there is no new entry.
Am I doing something wrong or is it just a bug?
Screenshots:
(https://i.ibb.co/zGz9Qg3/2019-08-06-15-19-56-Single-Gateways-System-OPNsense.png) (https://ibb.co/zGz9Qg3) (https://i.ibb.co/S5KH4fJ/2019-08-06-15-24-05-Single-Gateways-System-OPNsense.png) (https://ibb.co/S5KH4fJ) (https://i.ibb.co/rKhRXFr/2019-08-06-15-24-34-Single-Gateways-System-OPNsense.png) (https://ibb.co/rKhRXFr) (https://i.ibb.co/FwCZp6L/2019-08-06-15-24-52-Single-Gateways-System-OPNsense.png) (https://ibb.co/FwCZp6L)
Okay, I've been testing around and "created" tons of gateway entries but none showed up in the table of the gateways.
If I export my config I see tons of gateways, all for opt3 (the azirevpn interface)
<gateway_item>
  <interface>opt3</interface>
  <gateway>dynamic</gateway>
  <name>x</name>
  <priority>255</priority>
  <weight>1</weight>
  <ipprotocol>inet</ipprotocol>
  <interval/>
  <descr/>
  <monitor_disable>1</monitor_disable>
</gateway_item>
In addition I now have 4 dpinger service instances which couldn't start, and my "real gateway" to route the traffic is not there.
@mimugmail - do you have a hint? Or is it just a bug in OPNsense?! At this point I did not get any further.
(https://i.ibb.co/x2k75R8/2019-08-06-22-59-05-Dashboard-Lobby-OPNsense.png) (https://ibb.co/sgfV3MJ)
Can you open config.xml and remove those entries by hand, then add a new gateway via UI and instead of using IP "dynamic", set the gateway IP of Azire.
https://forum.opnsense.org/index.php?topic=13728.msg63369#msg63369
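The duplicate <gateway_item> entries described in this thread can be listed from an exported config.xml before they are removed by hand. The following is an added example, not part of the original posts or of OPNsense; the sample XML is constructed, and the <opnsense>/<gateways> wrappers, the WAN_GW entry and its address are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import Counter, defaultdict

# Constructed sample shaped like the <gateway_item> posted in the thread.
# Assumptions: the <opnsense>/<gateways> wrappers, the WAN_GW entry and its address.
def _item(iface, gw, name):
    return (f"<gateway_item><interface>{iface}</interface><gateway>{gw}</gateway>"
            f"<name>{name}</name><ipprotocol>inet</ipprotocol></gateway_item>")

SAMPLE = ("<opnsense><gateways>"
          + _item("opt3", "dynamic", "x") + _item("opt3", "dynamic", "x")
          + _item("opt3", "dynamic", "y") + _item("wan", "192.0.2.1", "WAN_GW")
          + "</gateways></opnsense>")

def audit_gateways(xml_text):
    """Return one finding per interface/protocol pair that has more than one gateway."""
    groups = defaultdict(list)
    # iter() finds gateway_item at any depth, so the wrapper layout does not matter
    for item in ET.fromstring(xml_text).iter("gateway_item"):
        get = lambda tag, item=item: (item.findtext(tag) or "").strip()
        groups[(get("interface"), get("ipprotocol"))].append((get("name"), get("gateway")))
    findings = []
    for (iface, proto), entries in sorted(groups.items()):
        if len(entries) < 2:
            continue  # a single gateway per interface/protocol is the expected state
        name_counts = Counter(name for name, _ in entries)
        findings.append({
            "interface": iface,
            "ipprotocol": proto,
            "entries": len(entries),
            "dynamic": sum(1 for _, gw in entries if gw == "dynamic"),
            "duplicate_names": sorted(n for n, c in name_counts.items() if c > 1),
        })
    return findings

if __name__ == "__main__":
    for finding in audit_gateways(SAMPLE):
        print(finding)
```

The function only reads the XML text passed to it, so it can be run on a copy of the export without touching the firewall's configuration.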