Messages

1

Virtual private networks / Re: Wireguard & Mullvad - I'm lost.....

« on: September 03, 2020, 02:22:13 am »

There is now an easier way:

Assign Interface and tick "Dynamic Gateway", Add Gateway and in IP field type as usual "dynamic".
The Gateway field in Wireguard can be empty.

Hmm, I started off with that very configuration without much luck. Rules were ignored until I added that gateway IP everywhere.

2

Virtual private networks / Re: Wireguard & Mullvad - I'm lost.....

« on: September 02, 2020, 03:42:25 pm »

Got it all working with NordPVN,  I still need to work though my DNS issues, but once I've nailed that then I'll include some shots.   

Big thanks to mimugmail.

This did it for me:
1. Create local instance with Mullvad settings, tick "Disable Routes" and under Advanced set Gateway "1.2.3.4"
2. Create endpoint (0.0.0.0, 1.2.3.4)
3. Link endpoint in local instance
4. Assign an Interface to WG, no IP config and lock it
5. Go to System : Gateways : Single, create a gateway, Interface WG, IP address of gateway 1.2.3.4, tick "Far Gateway"
6. Go to Firewall rules and set the stuff you want with gateway of WG.

3

Virtual private networks / Re: Wireguard & Mullvad - I'm lost.....

« on: September 01, 2020, 01:13:29 am »

[...]

When I ping something like 1.1.1.1, my VLAN gateway response with a positive ping result. I'm not sure but guessing that I have a NAT issue.

I'm at the same spot - everything on the Wireguard side is working, but I cannot get traffic to route to it via policy routing, and the opnsense gateway responds to pings/etc when I would expect those packets to traverse Wireguard, for example:

Code: [Select]

$ netstat -nr -f inet
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 ens192
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 ens192


$ ping 8.8.8.8 -c1
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.201 ms

--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.201/0.201/0.201/0.000 ms

Have others who ran in to this figured out what the issue is? I haven't seen this behavior using similar setups with OpenVPN and the like.

You're not alone --  I'm experiencing the same symptoms.  Have yet to find a solution.   

It appears to work fine if you untick 'Disable Routing' at which point all traffic flows through the VPN which isn't what we're trying to accomplish. 

4

General Discussion / Re: Wireguard on OPNsense

« on: August 31, 2020, 11:50:21 pm »

Yes, I have -- and it was by no means straight forward.   

5

19.7 Legacy Series / Re: Wireguard as a VPN client?

« on: September 09, 2019, 09:45:09 pm »

The gateway is the problem. 

Configure your gateway this way:

Gateway -> Your WG Gateway Name-> IPv4 Configuration Type:  None