OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: astuckey on May 19, 2021, 10:20:25 AM

Title: [SOLVED] Wireguard + Captive Portal
Post by: astuckey on May 19, 2021, 10:20:25 AM
Hi all,

Just wondering if anyone has tried Wireguard with the Captive Portal?

My attempts to get it to work have ended in misery so far; essentially, once the WG tunnel is set up, all packets can get through without needing to use the Captive Portal.

I have a feeling this might be due to the Captive Portal only being able to see the individual wgX interfaces. The Firewall section only seems to have an effect on the parent "WireGuard" interface that doesn't get listed in the Interfaces section (a general frustration with the WG plugin: FW rules on the individual WG interfaces wg0, wg1, etc. don't have an effect).

Kind Regards,
Adam

Title: Re: Wireguard + Captive Portal
Post by: Obeng on June 18, 2021, 07:19:21 PM
I wrote a short article about how to go about it.

https://obengafrane-oa.medium.com/wireguard-peer-authentication-a-captive-portal-approach-c464e4be8675

Title: Re: [SOLVED] Wireguard + Captive Portal
Post by: astuckey on July 15, 2021, 08:00:36 PM
Thank you very much Obeng for putting that together, it is working like a dream now.
The issue I had was having the "generic" WireGuard interface with an allow-all rule; a WG tutorial I read mentioned that the rules only work on this generic interface, not the individually assigned interface per WG tunnel.

Once I swapped the rules over everything worked.

Thanks again for your help.

Title: Re: [SOLVED] Wireguard + Captive Portal
Post by: Obeng on July 28, 2021, 10:12:25 AM
You are welcome.