21.1 Legacy Series / Wireguard with three interfaces (wg0, wg1 and wg2) has issues on OPNSense
« on: April 28, 2021, 11:40:31 pm »
Having an issue with WireGuard: three interfaces (wg0, wg1 & wg2) are set up and configured.
When all three interfaces are enabled, only wg0 passes traffic; the other interfaces (wg1 & wg2) do not pass traffic.
To use wg1, we disable wg0 and wg2 and then traffic flows as it should using wg1. Interface wg1 is verified to work when it's the only interface selected.
To use wg2, we disable wg0 and wg1 and then traffic flows as it should using wg2. Interface wg2 is verified to work when it's the only interface selected.
Since the interfaces (wg0, wg1, wg2) have been verified individually to work, is there a configuration setting that is required to ensure all three (wg0, wg1, wg2) interfaces pass traffic when all three (wg0, wg1, wg2) are enabled?
Update: added ifconfig information for wg0, wg1 & wg2
wg0: flags=43<UP,BROADCAST,RUNNING> metric 0 mtu 1420
	options=80000<LINKSTATE>
	inet 10.10.10.1 netmask 0xffffff00 broadcast 10.10.10.255
	groups: tun wireguard
	nd6 options=101<PERFORMNUD,NO_DAD>
	Opened by PID 85885
wg1: flags=43<UP,BROADCAST,RUNNING> metric 0 mtu 1420
	options=80000<LINKSTATE>
	inet 10.20.20.1 netmask 0xffffff00 broadcast 10.20.20.255
	groups: tun wireguard
	nd6 options=101<PERFORMNUD,NO_DAD>
	Opened by PID 73711
wg2: flags=43<UP,BROADCAST,RUNNING> metric 0 mtu 1420
	options=80000<LINKSTATE>
	inet 10.30.30.1 netmask 0xffffff00 broadcast 10.30.30.255
	groups: tun wireguard
	nd6 options=101<PERFORMNUD,NO_DAD>
	Opened by PID 50939