OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of TripitakaBC »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - TripitakaBC

Pages: [1]
1
23.7 Legacy Series / Re: Wireguard Roadwarrior help needed
« on: January 03, 2024, 05:38:03 pm »
I think at this stage, I must have some corruption going on as there are some things happening that don't line up with the documentation; for instance the automatically-created outbound NAT rules are not being created.

Time for a rebuild from scratch, I think.

2
23.7 Legacy Series / Re: Wireguard Roadwarrior help needed
« on: January 02, 2024, 11:25:38 pm »
And then I assume setting the client to 10.100.100.2/24, forcing a 'static' IP on the subnet. That made sense to me too but all the examples and tutorials I could find used /32 as the subnet.

I did manage to get some progress on the initial config once I somehow managed to break the existing WG tunnels so they were both down. Then I started getting traffic from the Android blocked at the firewall.  ;D

3
23.7 Legacy Series / Wireguard Roadwarrior help needed
« on: January 02, 2024, 09:20:30 pm »
OPNsense 23.7.10_1
os_wireguard (kernel)

I have been running Wireguard outbound tunnels for a year or more using the tutorial below. It's had its glitches, for sure, especially as I have two tunnels running with PIA, one of which has port forwarding but @FingerlessGloves has done a great job of maintaining the repository with fixes.
https://github.com/FingerlessGlov3s/OPNsensePIAWireguard

I have spent the time over the holidays trying to add an incoming WG connection (Road Warrior); I followed the tutorial here https://docs.opnsense.org/manual/how-tos/wireguard-client.html to get everything setup but it didn't work. The Wireguard client on Android gets stuck in handshakes it seems but the diagnostics tab on OPNsense shows no traffic. Of course, I've rebooted and even updated the wg-service-control.php script from the github repo here https://github.com/opnsense/core/blob/master/src/opnsense/scripts/Wireguard/wg-service-control.php.

I'm about as far as I can go with the knowledge that I have and I'm not sure what you guys need in terms of logs to help troubleshoot.

Target:
I'm looking for a few devices to be able to connect to a home LAN system which is spread across 192.168.0.0/16 (I know, I know, I should be using VLANS...). There are 3 Android phones and 3 Windows laptops. All connected clients need access to internal LAN devices and public internet via the firewall.

Tunnel is setup at 10.100.100.1/32 and test Android device is setup at 10.100.100.2/32

Firewall logs do not show any blocking.

All help appreciated.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2