Hello all,
I am beginning to use Wireguard for C2S communication and it seems to work well. I have a wg1 device that was created in the Interfaces section of OPNsense, and labeled Wireguard. Now I am about to embark on trying to get a S2S connection going. Do I need a second interface in the OPNsense Interface section, for what will be wg2, or does the S2S connection not need this?
Thanks,
Steve
Depends. An interface (wg1, wg2, ...) gets created by WireGuard for each local instance. Assigning these interfaces (Interfaces: Assignments) is optional. If the routes created by WireGuard are sufficient and you only want to add firewall rules to WireGuard (Group) (which apply to all WireGuard instances), then you don't have to assign the wg interfaces at all.