Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - spkrb7

Pages: [1]

Virtual private networks / Re: simple Wireguard Road Warrior config by docs no handshake

« on: October 04, 2020, 09:32:46 pm »

Thanks for the suggestions much appreciated, I just couldn't get the handshake to complete, so I reset to start over when I get time.

Virtual private networks / Re: simple Wireguard Road Warrior config by docs no handshake

« on: October 03, 2020, 08:46:33 pm »

Step 2b:https://wiki.opnsense.org/manual/how-tos/wireguard-client.html#step-2b-setup-firewall-rules

Virtual private networks / Re: simple Wireguard Road Warrior config by docs no handshake

« on: October 03, 2020, 12:17:07 pm »

Quote from: mimugmail on October 03, 2020, 11:12:25 am

What is the port forward for? Allow rule on WAN for wg Port is active?

The port forward in the NAT section is per the instructions for WAN to LAN. It doesn't have the green triangle arrow indicating enabled, don't know if that applies there. Rule allowing WAN for wg is active, tried both in and out.

Virtual private networks / Re: simple Wireguard Road Warrior config by docs no handshake

« on: October 03, 2020, 07:39:58 am »

Thanks, appreciate your time, my lan addy is 192.168.1.1. https://imgur.com/a/iIn3q0a

Virtual private networks / simple Wireguard Road Warrior config by docs no handshake

« on: October 03, 2020, 05:44:33 am »

Trying to setup WG for remote access but handshake is not happening. The log from my phone has: "WireGuard/GoBackend/wgopnsense: peer(public key) - Handshake did not complete after 5 second, retrying after 5 seconds, retrying (try 2)". I'm using the officlal opnsense docs for setup. Any help appreciated.

20.7 Legacy Series / Re: How to use DNS over TLS in 20.7.3

« on: October 03, 2020, 05:26:52 am »

Thanks, glad DoT is working so simply on Opensense. Great work!

20.7 Legacy Series / Re: How to use DNS over TLS in 20.7.3

« on: September 30, 2020, 11:07:51 am »

Hello, I've just jumped into Opnsense and first up is trying to stop the dns leaks (next will be a Wireguard server). In my previous rig I've relied on dnsmasq and stubby DoT, but I'm trying to setup Unbound and getting confused. Is there a howto for it or a better hardened privacy method? Sorry for the greenhorn intrusion.

I have verified unbound working, I have added DoT servers in Unbound->miscellaneous. DNSSEC is enabled. Do I still need to add something into the custom field, download a cert package? Do i need unbound-plus?

Pages: [1]