OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of Kck »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - Kck

Pages: [1]
1
Virtual private networks / Re: Stuck with Wireguard configuration
« on: August 06, 2022, 02:09:41 pm »
Quote
Your firewall rule is only allowing Wireguard to the WAN. Change the destination to LAN or any.
Thanks for the suggestion!
Wouldn't this mean that through VPN I would be able to browse the internet? None of the destinations work, not internal resources nor external resources.

I gave it a try, changed from WAN address: to any (see screenshot below), no luck however.


2
Virtual private networks / Stuck with Wireguard configuration
« on: August 06, 2022, 01:10:38 pm »
Hi everyone,
I am trying to setup WireGuard on my OpnSense instance and my iPhone. However I am stuck at this point. Any tips/recommendations are welcome!

My network:
  • OpnSense IP: 192.168.32.1
  • Subnet: 19 (Range 192.168.32.1 – 192.168.63.254)
  • DHCP range: 192.168.33.1 – 192.168.39.254

Wireguard interface: 192.168.64.1/24
Clients connected through Wireguard range: 192.168.64.2 – 192.168.64.254 (I guess I will manually define this per user/device when adding a new vpn client configuration)

The steps I have taken:
Install WireGuard plugin (obviously)

Add local configuration with tunnel address 192.168.64.1/24:

Add configuration on my iPhone:
  • Address: 162.168.64.2/32
  • DNS servers: 192.168.64.1
  • Endpoint: vpn.myhostname.com:51820
  • Allowed Ips: 0.0.0.0/0

Add endpoint in Wireguard plugin with Allowed Ips: 192.168.64.2/32

Enabled the Wireguard
Added new interface (wg0) and enable it.

Added WAN firewall rule:
  Interface: WAN, Protocol: UDP, Source: any, Destination: WAN address, Destination port range: from: 51820 to: 51820
Added Wireguard firewall rule:
 Interface: Wireguard, Protocol: any, Source: Wireguard net, Destination: WAN address, Destination port range: from any to any
 

When I try to connect through the iPhone application, it connects. I can see the interface in the List Configuration tab, but nothing in Handshakes or whatsoever. Even though it connects fine on my iPhone, I don’t have any internal or external access.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2