Messages - Kck

#1
Quote: Your firewall rule is only allowing Wireguard to the WAN. Change the destination to LAN or any.
Thanks for the suggestion!
Wouldn't this mean that through VPN I would be able to browse the internet? None of the destinations work, not internal resources nor external resources.

I gave it a try, changed from WAN address to any (see screenshot below), no luck however.

#2
Hi everyone,
I am trying to set up WireGuard on my OpnSense instance and my iPhone. However, I am stuck at this point. Any tips/recommendations are welcome!

My network:

  • OpnSense IP: 192.168.32.1
  • Subnet: 19 (Range 192.168.32.1 – 192.168.63.254)
  • DHCP range: 192.168.33.1 – 192.168.39.254

Wireguard interface: 192.168.64.1/24
Clients connected through Wireguard range: 192.168.64.2 – 192.168.64.254 (I guess I will manually define this per user/device when adding a new vpn client configuration)

The steps I have taken:
Install WireGuard plugin (obviously)

Add local configuration with tunnel address 192.168.64.1/24:

Add configuration on my iPhone:

  • Address: 162.168.64.2/32
  • DNS servers: 192.168.64.1
  • Endpoint: vpn.myhostname.com:51820
  • Allowed IPs: 0.0.0.0/0

Add endpoint in Wireguard plugin with Allowed IPs: 192.168.64.2/32

Enabled Wireguard
Added new interface (wg0) and enabled it.

Added WAN firewall rule:
  Interface: WAN, Protocol: UDP, Source: any, Destination: WAN address, Destination port range: from: 51820 to: 51820
Added Wireguard firewall rule:
  Interface: Wireguard, Protocol: any, Source: Wireguard net, Destination: WAN address, Destination port range: from any to any


When I try to connect through the iPhone application, it connects. I can see the interface in the List Configuration tab, but nothing in Handshakes or whatsoever. Even though it connects fine on my iPhone, I don't have any internal or external access.
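
Added example (not part of the original post, and not OPNsense or WireGuard code): a small Python check that the addresses in a setup like the one above agree with each other, since WireGuard drops decrypted packets whose inner source address is not in that peer's Allowed IPs. The function name, finding codes and the `CONSISTENT` variant are constructed for illustration; `POSTED` uses the values exactly as written in the post.

```python
import ipaddress


def check_wg_addressing(tunnel, lan, client_addr, peer_allowed_ips):
    """Return (code, message) findings for one WireGuard client/peer pair."""
    findings = []
    tun_if = ipaddress.ip_interface(tunnel)        # server tunnel address + prefix
    tun_net = tun_if.network
    lan_net = ipaddress.ip_interface(lan).network  # LAN derived from firewall IP + prefix
    client_ip = ipaddress.ip_interface(client_addr).ip
    allowed = [ipaddress.ip_network(a, strict=False) for a in peer_allowed_ips]

    if tun_net.overlaps(lan_net):
        findings.append(("tunnel-overlaps-lan",
                         f"tunnel {tun_net} overlaps LAN {lan_net}"))
    if client_ip not in tun_net:
        findings.append(("client-outside-tunnel",
                         f"client address {client_ip} is not inside {tun_net}"))
    elif client_ip == tun_if.ip:
        findings.append(("client-equals-server",
                         f"client address {client_ip} is the server's tunnel address"))
    if not any(client_ip in net for net in allowed):
        # Server-side cryptokey routing: inner source must match the peer's Allowed IPs.
        findings.append(("peer-allowedips-mismatch",
                         f"server peer Allowed IPs {peer_allowed_ips} do not cover {client_ip}"))
    return findings


# Values as written in the post above.
POSTED = dict(tunnel="192.168.64.1/24", lan="192.168.32.1/19",
              client_addr="162.168.64.2/32",
              peer_allowed_ips=["192.168.64.2/32"])
# Constructed variant: client address taken from the tunnel range.
CONSISTENT = dict(POSTED, client_addr="192.168.64.2/32")

if __name__ == "__main__":
    for name, cfg in (("posted", POSTED), ("consistent", CONSISTENT)):
        results = check_wg_addressing(**cfg)
        print(name, "->", "no findings" if not results else "")
        for code, message in results:
            print(f"  [{code}] {message}")
```

This only checks addressing consistency; it does not look at the firewall rules or at whether a handshake completes.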