OPNsense Forum
English Forums => General Discussion => Topic started by: sashxp on August 05, 2019, 09:46:21 pm
-
Hi Guys,
I can't get my new WireGuard VPN setup to work. I can't see an established connection, but I can't see my mistake!? Perhaps some of the WireGuard experts could help me a bit?!
1. Server setup: I have configured the following things on the OPNsense side:
(https://i.ibb.co/RNPsMck/2019-08-05-21-31-16-WAN-Rules-Firewall-OPNsense.png) (https://ibb.co/5kvSzLg)
(https://i.ibb.co/d4jV7j9/2019-08-05-21-32-47-Wire-Guard-Rules-Firewall-OPNsense.png) (https://ibb.co/v4VTDV5)
(https://i.ibb.co/fGvMPX1/2019-08-05-21-33-43-Outbound-NAT-Firewall-OPNsense.png) (https://ibb.co/tPXBWHm)
(https://i.ibb.co/h94nyT9/2019-08-05-21-34-45-Wire-Guard-VPN-OPNsense.png) (https://ibb.co/3dj87Pd)
(https://i.ibb.co/NKGSJCw/2019-08-05-21-36-06-Wire-Guard-VPN-OPNsense.png) (https://ibb.co/2dpNChX)
2. On the iPhone I have configured the following:
(https://i.ibb.co/4Pfjtjh/iphone.png) (https://ibb.co/4Pfjtjh)
Perhaps I have missed just a little? So, please help me :-)
I have read the following links:
https://forum.opnsense.org/index.php?topic=11737.0
https://forum.opnsense.org/index.php?topic=13461.0
https://genneko.github.io/playing-with-bsd/networking/freebsd-wireguard-quicklook/
The great site from mimugmail: https://www.routerperformance.net/opnsense/opnsense-and-wireguard/
sash
-
On the iPhone, allowed IPs should be 0.0.0.0/0 in order to get everything over the tunnel.
-
I don't think that this would be the problem. I don't get a "handshake", and I can't find the right log to locate the problem.
Can it be a problem with the keys? Or the endpoints?
-
Public Key of Server and Endpoint can't be the same, this doesn't make sense.
-
Wooohooooo Thank you! That was it! Everything works now like a charm :)
-
Now I try to get AZIREVPN to work with WireGuard. I'll follow your tut at https://www.routerperformance.net/opnsense-wireguard-plugin-azirevpn/ :-) Thank you!
-
It's also in the official docs at docs.opnsense.org :)
-
The next problem in the configuration is adding a gateway, which doesn't work. I follow your tut, but I cannot create a gateway. If I click to add, fill in the fields, and then apply the settings, there is no new entry.
Am I doing something wrong or is it just a bug?
Screenshots:
(https://i.ibb.co/zGz9Qg3/2019-08-06-15-19-56-Single-Gateways-System-OPNsense.png) (https://ibb.co/zGz9Qg3) (https://i.ibb.co/S5KH4fJ/2019-08-06-15-24-05-Single-Gateways-System-OPNsense.png) (https://ibb.co/S5KH4fJ) (https://i.ibb.co/rKhRXFr/2019-08-06-15-24-34-Single-Gateways-System-OPNsense.png) (https://ibb.co/rKhRXFr) (https://i.ibb.co/FwCZp6L/2019-08-06-15-24-52-Single-Gateways-System-OPNsense.png) (https://ibb.co/FwCZp6L)
-
Okay, I've been testing around and "created" tons of gateway entries, but none showed up in the table of gateways.
If I export my config I see tons of gateways, all for opt3 (the azirevpn interface):
<gateway_item>
  <interface>opt3</interface>
  <gateway>dynamic</gateway>
  <name>x</name>
  <priority>255</priority>
  <weight>1</weight>
  <ipprotocol>inet</ipprotocol>
  <interval/>
  <descr/>
  <monitor_disable>1</monitor_disable>
</gateway_item>
In addition, I now have 4 dpinger service instances which couldn't start, and my "real gateway" to route the traffic is not there.
@mimugmail - do you have a hint? Or is it just a bug in OPNsense?! At this point I did not get any further.
(https://i.ibb.co/x2k75R8/2019-08-06-22-59-05-Dashboard-Lobby-OPNsense.png) (https://ibb.co/sgfV3MJ)
-
Can you open config.xml and remove those entries by hand, then add a new gateway via the UI and, instead of using IP "dynamic", set the gateway IP of Azire?
-
https://forum.opnsense.org/index.php?topic=13728.msg63369#msg63369
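
Added example (not part of the thread and not OPNsense code): a read-only check of an exported config.xml that lists the piled-up gateway entries described above, so you know what to remove by hand. It relies only on the `<gateway_item>` fields shown in the post; the wrapper elements, the `duplicate_gateways` helper and the sample values are constructed assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample. Only the <gateway_item> child names come from the post;
# the wrapper elements and all values are assumptions for illustration.
SAMPLE_CONFIG = """<opnsense><gateways>
  <gateway_item><interface>wan</interface><gateway>192.0.2.1</gateway>
    <name>WAN_GW</name><ipprotocol>inet</ipprotocol></gateway_item>
  <gateway_item><interface>opt3</interface><gateway>dynamic</gateway>
    <name>x</name><ipprotocol>inet</ipprotocol></gateway_item>
  <gateway_item><interface>opt3</interface><gateway>dynamic</gateway>
    <name>y</name><ipprotocol>inet</ipprotocol></gateway_item>
</gateways></opnsense>"""


def gateway_items(xml_text):
    """Return one dict per <gateway_item>, wherever it sits in the tree."""
    root = ET.fromstring(xml_text)
    fields = ("interface", "ipprotocol", "name", "gateway")
    return [
        {f: (item.findtext(f) or "").strip() for f in fields}
        for item in root.iter("gateway_item")
    ]


def duplicate_gateways(xml_text):
    """Map (interface, ipprotocol) -> entries, where more than one exists."""
    grouped = defaultdict(list)
    for gw in gateway_items(xml_text):
        grouped[(gw["interface"], gw["ipprotocol"])].append(
            (gw["name"], gw["gateway"])
        )
    return {key: rows for key, rows in grouped.items() if len(rows) > 1}


if __name__ == "__main__":
    # Nothing is modified; the output is a checklist for the manual clean-up.
    for (iface, proto), rows in duplicate_gateways(SAMPLE_CONFIG).items():
        print(f"{iface}/{proto}: {len(rows)} gateway_item entries")
        for name, gateway in rows:
            print(f"  name={name!r} gateway={gateway!r}")
```

To check a real export, read the file's text and pass it to `duplicate_gateways` in place of `SAMPLE_CONFIG`.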