Hi! congrats on the 26 version
Upgrade went smooth. The only issue I have is that my Wireguard client can't access the firewall's webinterface/ssh anymore.
From the wireguard client, I can ping the firewall and I can also access everything else in the LAN network... Just not the firewall interface.
ChatGPT recommended me to assign & enable the "WG0" interface and then under System - Settings - Administration, allow the interface to listen to the WG0 interface (only LAN was selected).
That still doesn't work.
In the legacy rules I now have 'WG0' interface, as well as 'Wireguard (group)'
Is it cause I'm still running legacy rules ? I haven't gone over the migration wizard yet.
thanks
Hello together,
same problem here. No more Wireguard traffic on client after the Upgrade to 26.1. I still have to move the Legacy Firewall rules following the migration assistant.
Thx.
You should create a WG interface, for your WG instance as this is the recommended deployment.
SSH for the FW can bind to all interfaces or particular ones. The ones that are selected are the ones SSH daemon will listen to.
Which IP of which Interface do you try to connect to?
Is that IP of that interface you set SSH listen to?
Additionally you need rules to allow ssh traffic from source on its interface/GW.
Do you allow ssh on the WG?
I would advice as well to follow the docs rather than an AI chatbot that often misinterprets deployments and instructions
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
https://docs.opnsense.org/manual/settingsmenu.html#secure-shell
Regards,
S.
Hello,
after the firewall rules migration everthings works fine. Only Wireguard still does not. The WG logbook gives:
/usr/local/opnsense/scripts/wireguard/wg-service-control.php: The command </usr/bin/wg syncconf 'wg0' '/usr/local/etc/wireguard/wg0.conf'> returned exit code 1 and the output was "Name does not resolve: `mydomain.com:51820' Configuration parsing error".
Ideas?
Edit: fixed.