I followed the tutorial for an OPNsense WireGuard Road Warrior Setup with success.... :D
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
I found an Powershell script for client key generation and management automation, also great. Keys are automatically deployed to the clients. 8)
For smaller setups up to 10 to 20 clients it is fine.
For larger setups the Copy/Paste of the WG public keys and PSK keys is quite painful into the Peers-section (VPN, Wireguard, Settings, Peers) in OPNSense. A export import feature (like with Firewall Aliases) for peer entries would make large setups much easier.
Any thoughts?
I agree with. Even on editing a single peer configuration, it would be very useful to have the possibility to export the modified configuration to a config file. Actually, we are modifying existing peer configuration in the already existing external config files.
Also, as a feature request (see separate post (https://forum.opnsense.org/index.php?topic=47418.0)) it would be very useful, that in the field "Allowed IPs" firewall Aliases for network (groups) and host definitions could be used, that would be resolved appropriately, when exported to single or multiple peer config files