I currently have WireGuard set up on a Raspberry Pi (PiVPN) and port forwarding is set up. From a WireGuard peer, I can browse the internet over the tunnel and access LAN resources.
I've recently set up OPNsense and started playing with the WireGuard plugin, but I can't seem to get the config right. I've followed this guide through step 2b: https://docs.opnsense.org/manual/how-tos/wireguard-client.html
I am able to connect my iOS peer to my OPNsense WireGuard instance, but don't have any LAN or WAN access past that. Am I missing a translation or route between my tunnel VLAN 10.98.7.0/24 and LAN VLAN 192.168.2.0/24? I feel like I'm missing something easy, but I'm just too new to OPNsense to know how to fix it.
Thanks!
I found using "WireGuard net" as the source in the WireGuard interface fw rule did not work. For whatever reason - maybe because I did not specifically assign an interface to wg0, but just used the automatic WireGuard interface that appears. So I defined an Alias for my VPN network and used that in the rule instead.
As an aside - I did do some digging in the CLI to see whether I could find out exactly what was in "WireGuard net", but couldn't pin it down.
WireGuard net, and also OpenVPN net, won't work as expected when using multiple instances.
I'd rather not use them at all.
I figured it was something like that, even though all my endpoints were in the same network.
Quote from: Greelan on January 29, 2021, 06:53:53 AM
I found using "WireGuard net" as the source in the WireGuard interface fw rule did not work. For whatever reason - maybe because I did not specifically assign an interface to wg0, but just used the automatic WireGuard interface that appears. So I defined an Alias for my VPN network and used that in the rule instead.
Thanks, this is exactly what I needed!
I've created a PR to address this issue in the how-to: https://github.com/Greelan/docs/pull/2
PR went to your fork. Can you do one to the upstream docs too? :D
Thanks,
Franco
Ah, oops!
Fixed: https://github.com/opnsense/docs/pull/304