I am trying to get WireGuard going using this tutorial: https://blog.linuxserver.io/2019/11/16/setting-up-wireguard-on-opnsense-android/
One of the steps I need to take is to create a new assignment for wg0, so that traffic can flow. However, when I go to assignments, wg0 is nowhere to be found. Logging in via ssh and listing all the interfaces gives me only the WAN and LAN. I installed the plugin using the System - Firmware - Plugins method.
Does anyone have any idea what might be going wrong here?
WireGuard not running?
I thought it kept running, but the service keeps stopping. Only see this in the logs:
Dec 10 23:07:30 kernel: wg0: link state changed to DOWN
Dec 10 23:07:30 kernel: tun0: changing name to 'wg0'
Can you start WireGuard via CLI and check the output?
Quote from: mimugmail on December 11, 2019, 06:05:48 AM
Can you start WireGuard via CLI and check the output?
Could you explain to me how to do that? Probably need to ssh in and then?
SSH, Type 8 for Console, then:
/usr/local/etc/rc.d/wireguard restart
Quote from: mimugmail on December 11, 2019, 06:55:13 AM
SSH, Type 8 for Console, then:
/usr/local/etc/rc.d/wireguard restart
Running that command gives:
Quote
/usr/local/etc/rc.d/wireguard restart
wg-quick: `wg0' is not a WireGuard interface
- wireguard-go wg0
INFO: (wg0) 2019/12/11 07:23:21 Starting wireguard-go version 0.0.20191012
- wg setconf wg0 /tmp/tmp.64MsU480/sh-np.qmmiA2
Line unrecognized: `PublicKey='
Configuration parsing error
- rm -f /var/run/wireguard/wg0.sock
When I look at /usr/local/etc/wireguard/wg0.conf, I get the following:
Quote
[Interface]
Address = 10.0.2.0/24
DNS = 1.1.1.1
ListenPort = 51820
PrivateKey = CN93K+/YuYpMlQbCm0caalsRnJWU+EfP4kgU+g*****=
[Peer]
PublicKey = QKXb7WW8VdGGDLz4LMOleM/Eh8tq8fGTYnPZmf*****=
AllowedIPs = 10.0.2.2/32
PersistentKeepalive = 60
[Peer]
PublicKey =
AllowedIPs = 10.0.2.3/32
PersistentKeepalive = 60
So only the peer public key is empty, but that is correct, right? Since this is the server.
That 2nd peer public key needs to be filled in :)
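Added example, not part of the thread and not the plugin's own code: a pre-flight check that finds the kind of empty `PublicKey =` line that made `wg setconf` fail above, and also flags a [Peer] section with no PublicKey line at all. The function names wg_conf_check and write_sample are hypothetical, and the sample config is constructed with placeholder keys.

```shell
# Added example: report keys with an empty value in a wg-quick style config,
# plus [Peer] sections that have no PublicKey line. Exit status 1 = problems.
wg_conf_check() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk '
        function close_peer() {
            if (section == "[Peer]" && !seen_pub) {
                printf "%d: [Peer] #%d has no PublicKey line\n", start, peer; bad++
            }
        }
        { line = $0; sub(/#.*/, "", line); gsub(/^[ \t]+|[ \t]+$/, "", line) }
        line == "" { next }
        line ~ /^\[.*\]$/ {
            close_peer(); section = line; start = NR; seen_pub = 0
            if (section == "[Peer]") peer++
            next
        }
        {
            eq = index(line, "=")    # first "=" only: base64 values end in "="
            if (eq == 0) { printf "%d: no \"=\" in: %s\n", NR, line; bad++; next }
            key = substr(line, 1, eq - 1); val = substr(line, eq + 1)
            gsub(/[ \t]+$/, "", key); gsub(/^[ \t]+/, "", val)
            if (tolower(key) == "publickey") seen_pub = 1
            if (val == "") {
                where = (section == "[Peer]") ? "[Peer] #" peer : section
                printf "%d: %s has empty %s\n", NR, where, key; bad++
            }
        }
        END { close_peer(); exit (bad > 0) }
    ' "$1"
}
# Constructed sample with the same layout as the wg0.conf in the thread.
write_sample() {
    cat > "$1" <<'EOF'
[Interface]
Address = 10.0.2.0/24
PrivateKey = <constructed-placeholder>
[Peer]
PublicKey = <constructed-placeholder>
AllowedIPs = 10.0.2.2/32
[Peer]
PublicKey =
AllowedIPs = 10.0.2.3/32
EOF
}
tmp=$(mktemp) && write_sample "$tmp"
wg_conf_check "$tmp" || echo "fix the lines above before restarting WireGuard"
rm -f "$tmp"
```

On the firewall the same function can be pointed at /usr/local/etc/wireguard/wg0.conf before running the restart command.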
Solved the issue. Apparently, I created a peer without a public key in the past. Since it was not working, I deleted the plugin and reinstalled it. I think that wg0.conf wasn't deleted when I removed the plugin (have not verified this), so the old settings were still there. Deleted wg0.conf, deleted the plugin, rebooted OPNsense, installed the plugin and this time I got the wg0 interface.
Thanks for all the support!
Now onto the next challenge. I am connected to the OPNsense firewall, but cannot reach anything on the network or on the internet...
- create gateway in System > Single > Gateways
- create a rule (or rules) in Firewall > NAT > Outbound.
Also see this thread:
https://forum.opnsense.org/index.php?topic=15105.msg70130#msg70130