1
Virtual private networks / Surfshark Wireguard connection on PPPoe Wan Not working
« on: April 02, 2024, 04:55:28 pm »
Hi There,
So I have been round and round in circles trying to get wire guard set up with my fibre PPPoe connection here in the UK, I temporarily abandoned opnsense after it randomly stopped connecting to the vpns I had set up and tried with PFsense, Got PFsense working first time round with a surf shark guide, restarted it to confirm it was still good and this broke everything, Apparently a known issue with PFsense and PPPoe connections using wire guard
(Pfsense issue with PPPOe)
https://forums.lawrencesystems.com/t/gateway-disabled-after-reboot/13220/2
So I reverted back to a fresh install on Opnsense and followed the guide from "0x2142 - Networking Nonsense" on the Mullvad Wireguard connection , with a few additions of using both public and private key, Adding the DNS server in the Instance and finally changing my LAN MSS to 1412 or 1372 as outlined in the surfshark PFsense guide, but could not get this to resolve web pages, the connection was there but no DNS resolution it would appear.
(First Guide I used which worked then it stopped)
https://www.youtube.com/watch?v=b58PpuIsQ3A&t=793s
Suffice to say I am well and truly stuck; I found this guide on Airvpn about the method to use with them and will give this a try also but seems to take a different approach, but the person writing the guide states it might not be correct.
(AirVPN Guide I found)
https://airvpn.org/forums/topic/56844-howto-opnsense-and-wireguard-to-airvpn/
Here is my video of my entire configuration below, if anyone can spot my mistakes, please let me know, I have spent probably about 50 hours trying to get wireguard working on PF and Opnsense reliably and I simply cannot do it, I am going a little mad as I don’t like to give up. It works then it doesn’t for no rhyme or reason. I must be doing something wrong somewhere, and guides for Opnsense wireguard are far apart. If anyone has an up to date 2024 guide for setting up somthing like Surfhshark wireguard up for Opnsense please point me in the right direction. I have looked at the Opnsense guides directly but again nothing I do with these seems to help.
(My setup)
https://youtu.be/wubDkH3-CPc
This is like a 5 min job on an Asus merlin router, it’s so simple to do on them. But the throughput on wireguard is limited to around 500-600mb and then also there is a known issue where wire guard disables Nat acceleration on these therefore slowing local network speeds.
My requirement is simply of a
-Wireguard VPN that encapsulates the whole network
-An effective killswitch to ensure no traffic goes to the normal WAN connection if the VPN server is down.
-Maybe a way to route a spesific static internal IP around the VPN were it required.
I really don’t understand why it’s so complicated on Opnsense or why it seems to be such a niche requirement. But I just need help to try and get a stable wire guard whole network connection in Opnsense, so any guidance please would be extremely appreciated.
Many thanks
LovelyCupOfTea
So I have been round and round in circles trying to get wire guard set up with my fibre PPPoe connection here in the UK, I temporarily abandoned opnsense after it randomly stopped connecting to the vpns I had set up and tried with PFsense, Got PFsense working first time round with a surf shark guide, restarted it to confirm it was still good and this broke everything, Apparently a known issue with PFsense and PPPoe connections using wire guard
(Pfsense issue with PPPOe)
https://forums.lawrencesystems.com/t/gateway-disabled-after-reboot/13220/2
So I reverted back to a fresh install on Opnsense and followed the guide from "0x2142 - Networking Nonsense" on the Mullvad Wireguard connection , with a few additions of using both public and private key, Adding the DNS server in the Instance and finally changing my LAN MSS to 1412 or 1372 as outlined in the surfshark PFsense guide, but could not get this to resolve web pages, the connection was there but no DNS resolution it would appear.
(First Guide I used which worked then it stopped)
https://www.youtube.com/watch?v=b58PpuIsQ3A&t=793s
Suffice to say I am well and truly stuck; I found this guide on Airvpn about the method to use with them and will give this a try also but seems to take a different approach, but the person writing the guide states it might not be correct.
(AirVPN Guide I found)
https://airvpn.org/forums/topic/56844-howto-opnsense-and-wireguard-to-airvpn/
Here is my video of my entire configuration below, if anyone can spot my mistakes, please let me know, I have spent probably about 50 hours trying to get wireguard working on PF and Opnsense reliably and I simply cannot do it, I am going a little mad as I don’t like to give up. It works then it doesn’t for no rhyme or reason. I must be doing something wrong somewhere, and guides for Opnsense wireguard are far apart. If anyone has an up to date 2024 guide for setting up somthing like Surfhshark wireguard up for Opnsense please point me in the right direction. I have looked at the Opnsense guides directly but again nothing I do with these seems to help.
(My setup)
https://youtu.be/wubDkH3-CPc
This is like a 5 min job on an Asus merlin router, it’s so simple to do on them. But the throughput on wireguard is limited to around 500-600mb and then also there is a known issue where wire guard disables Nat acceleration on these therefore slowing local network speeds.
My requirement is simply of a
-Wireguard VPN that encapsulates the whole network
-An effective killswitch to ensure no traffic goes to the normal WAN connection if the VPN server is down.
-Maybe a way to route a spesific static internal IP around the VPN were it required.
I really don’t understand why it’s so complicated on Opnsense or why it seems to be such a niche requirement. But I just need help to try and get a stable wire guard whole network connection in Opnsense, so any guidance please would be extremely appreciated.
Many thanks
LovelyCupOfTea