Messages - spkrb7

#1
Thanks for the suggestions, much appreciated. I just couldn't get the handshake to complete, so I reset to start over when I get time.
#3
Quote from: mimugmail on October 03, 2020, 11:12:25 AM
What is the port forward for? Allow rule on WAN for wg Port is active?
The port forward in the NAT section is per the instructions for WAN to LAN. It doesn't have the green triangle arrow indicating enabled, don't know if that applies there. Rule allowing WAN for wg is active, tried both in and out.
#4
Thanks, appreciate your time, my lan addy is 192.168.1.1. https://imgur.com/a/iIn3q0a
#5
Trying to set up WG for remote access but handshake is not happening. The log from my phone has: "WireGuard/GoBackend/wgopnsense: peer(public key) - Handshake did not complete after 5 second, retrying after 5 seconds, retrying (try 2)". I'm using the official OPNsense docs for setup. Any help appreciated.
#6
Thanks, glad DoT is working so simply on OPNsense. Great work!
#7
20.7 Legacy Series / Re: How to use DNS over TLS in 20.7.3
September 30, 2020, 11:07:51 AM
Hello, I've just jumped into OPNsense and first up is trying to stop the DNS leaks (next will be a WireGuard server). In my previous rig I've relied on dnsmasq and stubby DoT, but I'm trying to set up Unbound and getting confused. Is there a howto for it or a better hardened privacy method? Sorry for the greenhorn intrusion. :)

I have verified Unbound working, I have added DoT servers in Unbound->miscellaneous. DNSSEC is enabled. Do I still need to add something into the custom field, download a cert package? Do I need unbound-plus?