opnsense 24.1.6 : I've created a wireguard interface, and used the peer generator to generate a configuration for an iOS device.
I did add a pre-shared key, and have also specified a DNS server, and also tried a keepalive (optional)
When using the *official* wireguard app on IOS, I get 'Invalid QR code' (with or without the PSK)
Is this expected to work?
The generated config is:
[Interface]
PrivateKey = longkey
Address = 10.10.10.2/32
DNS = 9.9.9.9
[Peer]
PublicKey =
PresharedKey = longpsk
Endpoint = 1.2.3.4
AllowedIPs = 0.0.0.0/0,::/0
PersistentKeepalive = 90
I've tried that also, same error !...
Could you be missing the end-point port number?
And presuming you have a peer PublicKey value.
port number is key here, true.
But also, one note that the port is not transfered to the peer "endpoint port" field, that has to be adapted manually.
FWIW I'm using duckdns and autocorrect put a space between "duck" and "dns". That caused this error for me.
I got similar experience on my Samsung Tablet ( Android )
On my phone ( GrapheneOS ) thankfully everything worked like a dream.
I used to have a dedicated WireGuard VPN VM coz it was a nightmare to get it working on OPNSense, with the latest release things are a lot smoother.
The workaround for me would be:
- Save the content of Config tab into a text file
- Install a package called qrencode on your pc assuming you are usiing Linux of course
- Then run: qrencode -t ansiutf8 -r "config_file_you_saved.conf"
It will generate the QR code for you.
If this is a OPNSense thing, it will work.
That is how I used to generate the QR code for the self hosted WireGuard before moving to OPNSense.