OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: jaybowee on February 19, 2021, 05:43:46 pm

Title: WireGuard Issue
Post by: jaybowee on February 19, 2021, 05:43:46 pm: So maybe some of you who love WireGuard like I do will be able to help me figure out what is going on.... So I have a WG0 connection coming into my router. It is awesome for accessing the LAN when out and about. I have had this a long time without any issues. The other day I added an interface for accessing a VPN. So I set this up to access Mullvad. My goal was to do this in a way that I could select what devices on the network to go to the WG1 interface and the others I just wanted to keep on the WAN. The problem is when I connect to WG1, WG0 looses its ability to handshake. WG0 will not connect at all. I don't see this being an issue once WG goes to kernel but in the meantime I have to deal with user space.

If anyone has run into this issue maybe can help out. TIA.
Title: Re: WireGuard Issue
Post by: FingerlessGloves on February 19, 2021, 05:48:49 pm: I think I know what the issue is and its to do with the routing, what guide did you follow?

This one works but may take little bit of filling the gaps in, in a few places.

https://imgur.com/gallery/JBf2RF6

Guide is by me, but I can help where needed.
Title: Re: WireGuard Issue
Post by: Greelan on February 20, 2021, 12:43:51 am: I agree it sounds like routing. I wrote this tutorial building on Jonny’s great work, which may help also: https://forum.opnsense.org/index.php?topic=21205.0

Having multiple WG instances locally (eg one to allow you to connect to your LAN remotely, and one to allow you to connect locally to a VPN provider) should definitely work. I have implemented it before myself
Title: Re: WireGuard Issue
Post by: FingerlessGloves on February 20, 2021, 12:55:41 am: Nice Guide :-)

Do you know how to add it too the OPNsense docs? Would make sense too since its quite in depth :-). better than current ones for Mullvad

I need to do one for Private Internet Access as well, but I want to make sure the script required for PIA is working nicely before I do :-)
Title: Re: WireGuard Issue
Post by: Greelan on February 20, 2021, 01:39:24 am: Yes, I know I should ultimately do something for the official docs (I have submitted a couple of PRs for other topics) but I really don’t like working with reStructuredText so I took the easy way of posting on the forum. :)
Title: Re: WireGuard Issue
Post by: jaybowee on March 04, 2021, 10:48:16 pm: I gave up on it and installed pfsense. It just so happened the same week pf implemented WireGuard into the kernel. I've had no issues with it so far. The people here are very good about helping others however the mods just blame everything on FreeBSD. So anyway, not looking back. Good luck everyone.
Title: Re: WireGuard Issue
Post by: FingerlessGloves on March 04, 2021, 11:23:51 pm: Quote from: jaybowee on March 04, 2021, 10:48:16 pm
I gave up on it and installed pfsense. It just so happened the same week pf implemented WireGuard into the kernel. I've had no issues with it so far. The people here are very good about helping others however the mods just blame everything on FreeBSD. So anyway, not looking back. Good luck everyone.

Hehe, maybe you'll come back one day, and we'll be here waiting :-)
Title: Re: WireGuard Issue
Post by: Greelan on March 05, 2021, 02:07:30 am: With the same advice as to how to get this working . I don’t see what beef there is with the “mods” given I don’t see anyone saying this setup doesn’t work because of FreeBSD - because it does work
Title: Re: WireGuard Issue
Post by: FingerlessGloves on March 05, 2021, 11:34:18 am: Quote from: Greelan on March 05, 2021, 02:07:30 am
With the same advice as to how to get this working . I don’t see what beef there is with the “mods” given I don’t see anyone saying this setup doesn’t work because of FreeBSD - because it does work

Yeah I'm not sure what this "beef" is 🤔, have i missed something here?
Title: Re: WireGuard Issue
Post by: Greelan on March 05, 2021, 11:38:00 am: guess we will never know
Title: Re: WireGuard Issue
Post by: jaybowee on March 08, 2021, 01:18:58 am: Actually no as it is working just fine and very stable unlike OPNsense which feels like constantly running alpha software.

Quote from: FingerlessGloves on March 04, 2021, 11:23:51 pm
Quote from: jaybowee on March 04, 2021, 10:48:16 pm
I gave up on it and installed pfsense. It just so happened the same week pf implemented WireGuard into the kernel. I've had no issues with it so far. The people here are very good about helping others however the mods just blame everything on FreeBSD. So anyway, not looking back. Good luck everyone.

Hehe, maybe you'll come back one day, and we'll be here waiting :-)
Title: Re: WireGuard Issue
Post by: franco on March 08, 2021, 08:38:07 am: At this point it just seems like trolling when you obviously got what you wanted. There's no valid technical detail to discuss and if you must please take your demeaning victory lap elsewhere.

Cheers,
Franco