Hello everyone,
I am currently trying to configure VPN and after watching 2 Guides, there should be an Interface "Wireguard" under the Firewall rules. Unfortunately there isn't one and I wonder why?
The Guides I followed:
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
https://www.thomas-krenn.com/de/wiki/OPNsense_WireGuard_VPN_f%C3%BCr_Road_Warrior_einrichten
I cant find any error or warning in the logs, that may explain why the Wireguard rules are missing.
Are these guides out of date and the Wireguard Rules are deprecated?
Thx 4ward for any help
Just edit a random Firewall rule without doing changes and it's there
That didn't work.
I tried some steps but none of them worked:
I added the new firewall rule for WAN.
Reloaded all services.
Removed wireguard, rebooted and reinstalled
In the meantime I found out that there was an Update from 1.1 to 1.2 available. I updated it but still no Wireguard Rules. (See Attachment)
WireGuard service is enabled in General tab?
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?
Quote from: pmhausen on July 27, 2020, 09:48:11 AM
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?
No need to assign, there should always be a WireGuard tab, assigned interfaces would be there in addition to WireGuard
Quote from: pmhausen on July 27, 2020, 09:48:11 AM
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?
That worked! Missed that step on Assignments. Seems like the Thomas-Krenn guide is incomplete. Its not mentioned there.
Quote from: mimugmail on July 27, 2020, 09:55:37 AM
Quote from: pmhausen on July 27, 2020, 09:48:11 AM
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?
No need to assign, there should always be a WireGuard tab, assigned interfaces would be there in addition to WireGuard
Seems like there are some exceptions. Maybe this works on FreeBSD with OpenSSL. I use Hardened and LibeSSL. But I have no clue what could cause this behaviour...
Quote from: mimugmail on July 27, 2020, 09:55:37 AM
No need to assign, there should always be a WireGuard tab, assigned interfaces would be there in addition to WireGuard
Hmm ... I could not add Wireguard to the MDNS Repeater service unless I created a "VPN" interface in Assignments first.
Kind regards,
Patrick
Correct, the first would just create a rules tab which matches packets running through an interface belonging to wireguard group, what you want to achieve is adding a feature to an interface which only works via assigning.
Wireguard cannot choose WAN interface? When I setup OpenVPN, and choose WAN interface and firewall rule will auto show openvpn tab. is this was the reson?
Had the same issue today, reboot and it showed up ;)