Dear all, I'm trying to do Wireguard to my VPN supplier and I'm having some problems, I start with what I have and add some more background further down in the post.
My provider (ovpn.com) basically provides a file with the settings for a Wireguard client to be stored in /usr/local/etc/wireguard/wgconfigfile.conf and the tunnel to be started by wg-quick up wgconfigfile.conf and then Enable interface and do the outbound nat, that kind of works but the tunnel does not start after a reboot and there are no settings visible in the GUI. I tried to translate what I have in the .config file and do the settings in the GUI but here I'm a bit lost, anyone can help me translate settings from the file to what it's called in the GUI (config file pasted below)?
If I can get this basic initial config working, I will venture out and do some more advanced stuff like use the alias to have just those clients use the tunnel and after that create another wg client and have a gateways group so I failover if my primary WG tunnel fails.
I may well be in over my head here but I'm willing to learn and I try to understand. I had a physical fw that finally broke, replacing it got to be a hassel. I have a physical host where I run some VM's (Openmediavault, dockers, portainer and so on) where I had space and nics to use so I went with OPNsense and WOW it runs well! I have followed guides and done DNS setup, some aliases and port forwarding GEOIP Dynamic DNS and all this cool stuff. It's been running for about two weeks now without any issue. It have far many more features than my old FW had and I have moved off containers and what not to OPNsense and it just work :)
(replaced all addresses in config)
[Interface]
PrivateKey = (ReplacedPrivateKey)
Address = 172.16.12.132/32, very-long-ipv6/128
DNS = 46.47.57.67, 192.165.198.158, very-long-ipv6, very-long-ipv6
[Peer]
PublicKey = (ReplacedPublicKey)
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = server.stuff.location.ovpn.com:1234
Hi, re: not starting at boot: simply set up a Cron job in the GUI for restarting stale WG tunnels and you're done. The script is in the dropdown menu for Cron jobs in the GUI.
https://forum.opnsense.org/index.php?topic=21659.15
That was nice, thank you!
Question - just use all the defaults or do I need to set anything in the cron?
I use 2-3 min (2 * * * *) as the interval for executing the Cron job, nothing else to be set...
Quote from: chemlud on November 16, 2022, 01:44:35 PM
(2 * * * *)
That's once an hour, 2 minutes past full hour.
This is every 2 minutes - (*/2 * * * *).
Hmmm so I tried this.
Cron Enabled
Minutes */1
Hours *
Days *
Months *
Weekdays *
Command Renew DNS for WireGuard
Reboot OPNsense and Wireguard is not connected, waited a while and still not connected...?
Entered shell and ran: wg-quick up wgconfigfile and Wireguard connects and everything is fine...
Sooo, help?
Minutes */1
What's that?
View post from sanshinron just before mine...
See comment in Cron (GUI)
Enter the minutes for the job to act, can also be a comma-separated list, * (each) or a range (ex. 10,20,30 or 10-30)