OPNsense Forum

English Forums => Virtual private networks => Topic started by: eric20 on October 27, 2020, 05:52:39 am

Title: Wireguard bind address
Post by: eric20 on October 27, 2020, 05:52:39 am
Hello,

In the Road Warrior Wireguard docs https://docs.opnsense.org/manual/how-tos/wireguard-client.html#step-2b-setup-firewall-rules "Step 2b, setup firewall rules" it says make the redirect IP "The LAN IP of the firewall." I'm assuming the Wireguard daemon binds to one interface, and that this interface is what the redirect IP needs to be. But is there something special about a network someone may or may not have named "LAN?" Is there a way to confirm what interface Wireguard is listening on?

I have a network named LAN, but I've messed around with it a bit and turned it into a bridge across a physical port and a VLAN, and I'm wondering if this could explain why I don't see a handshake, even though I see traffic being forwarded to my LAN address upon starting the peer.
Any insight would be appreciated.

Title: Re: Wireguard bind address
Post by: mimugmail on October 27, 2020, 05:58:35 am
It binds to 0.0.0.0. I think that the redirect is not a must; no idea where it comes from.