I've been sweating in front of my PC for more than 8 hours now. I tried multiple installations, different peers, different tunnel addresses, different everything. I still cannot get WireGuard to work. It worked yesterday, but all of a sudden, without changing anything (just a reboot due to a short power outage), I'm unable to get WG back to life. The log shows every time: /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt1'.
Another strange thing: if I leave "Disable Routes" unchecked, sometimes it kills the whole internet connection. Something strange is happening. I'm really a newbie on OPNsense but it feels like it isn't my mistake.
Sometimes I can see a handshake but only a few KB of upload and download; on another try, nothing happens. Is it just me or are there some bugs in this version?
The following settings have been made:
I want to use WireGuard in a roadwarrior setting. I want to use WireGuard for my phone to use Pihole. I have an interface assigned.
The WAN rule to allow external access to WG is set:
IPv4 UDP * * WireGuard (Group) net 51820 * * Allow acces from outside to WG
Also, I have a floating rule for any interface to access Pihole:
IPv4 TCP/UDP * * PiHole_DNS_Resolver 53 (DNS) * * * Allow Access to DNS
On WG I have a rule to allow access to everything (I know that this is bad, but it is for testing for now):
IPv4 * WireGuard (Group) net * * * * * Allow all WGs access to any
There is a forward rule to forward every other DNS request to Pihole
LAN WAN WG0 WireGuard (Group) TCP/UDP * * ! LAN net 53 (DNS) PiHole_DNS_Resolver 53 (DNS) Redirect DNS request to internal DNS resolver on all Interfaces
Outbound is set to automatic.
The WG interface is assigned and I configured the instance on tunnel address 10.0.0.1/24.
You need to provide a bit more detail.
Are you using WireGuard on your OPNsense as a server to allow clients to connect into your router (i.e. like a road warrior setup) or are you using WireGuard in OPNsense to connect to an external WireGuard server (like a VPN)?
I have read that there have been some changes made in the recent WG implementation and the Disable Routes functionality seems to have changed.
Throw some more details about your actual setup...