Hi, I am very new to OPNsense and networking.
I set up Mullvad with WireGuard using the following tutorials.
https://docs.opnsense.org/manual/how-tos/wireguard-client-mullvad.html
https://notes.aliciasykes.com/18842/how-to-mullvad-vpn-using-wireguard-on-opnsense
I was able to set up the VPN on the LAN port and another interface and it works!
The problem I have is that whenever VPN is on, I lose internet on all the interface ports that are not set up with VPN. When VPN is not checked/enabled, internet works on all ports.
Am I overlooking something simple here or does this require some troubleshooting?
Sounds like you want to implement selective routing: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
Thank you for this.
Regarding step 7 "Content - Enter the host IPs, or the network in CIDR format"
Are the host IPs that they are looking for here the publicly available IP addresses of the VPN servers? https://mullvad.net/en/servers
Or are the IPs they are looking for here the private tunnel IP addresses?
Neither.
It's the local IPs of the particular machines/VMs etc that you want to use the tunnel.
E.g., you have a PC on 192.168.1.10 in your network. Include that.
Or you have an entire VLAN subnet like 10.0.1.10/24 and you want anything on that subnet to use the tunnel. Include that.
Understood.
Regarding step 8: "Then go to Firewall ‣ Rules ‣ [Name of interface for network in which hosts/network resides, eg LAN for LAN hosts]"
Is this asking me for the interface I set up as "Mullvad" (which is not a port/network plug) or the interface port/plug number where I want the VPN, or the port designated as "LAN" or something else?
I think it is pretty clear? You want certain hosts in your network to use the tunnel. What subnet are they in? Use the interface for that subnet.
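
The two answers above (alias content is the local IPs of the hosts that should use the tunnel; the rule goes on the interface for the subnet those hosts are in) can be checked with a short script. This is an added example, not part of any post in this thread and not OPNsense code; the interface names, interface addresses and alias entries are constructed sample values, and `plan_rules` is a hypothetical helper.

```python
import ipaddress

# Constructed sample data (assumptions, not the poster's actual setup).
INTERFACES = {
    "LAN": "192.168.1.1/24",
    "VLAN10": "10.0.1.1/24",
}
# One local host, one local subnet written with host bits set, and one
# public address (documentation range) standing in for a VPN server IP.
ALIAS_CONTENT = ["192.168.1.10", "10.0.1.10/24", "203.0.113.7"]


def parse_entry(entry):
    """Parse a host IP or CIDR; host bits in a CIDR are masked off."""
    return ipaddress.ip_network(entry, strict=False)


def plan_rules(alias_content, interfaces):
    """Map each alias entry to the interface whose subnet contains it.

    Returns (rules, not_local): rules maps interface name -> list of
    normalized entries; not_local lists entries no local subnet contains.
    """
    subnets = {name: ipaddress.ip_interface(addr).network
               for name, addr in interfaces.items()}
    rules, not_local = {}, []
    for entry in alias_content:
        net = parse_entry(entry)
        for name, subnet in subnets.items():
            if net.version == subnet.version and net.subnet_of(subnet):
                rules.setdefault(name, []).append(str(net))
                break
        else:
            # No local interface owns this address: it is not a LAN host.
            not_local.append(entry)
    return rules, not_local


if __name__ == "__main__":
    rules, not_local = plan_rules(ALIAS_CONTENT, INTERFACES)
    for iface, entries in rules.items():
        print(f"Firewall > Rules > {iface}: rule for sources {entries}")
    for entry in not_local:
        print(f"{entry}: not in any local subnet, does not belong in the alias")
```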