Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - thisisme

Pages1
#1
Virtual private networks / Use multiple Wireguard connections with same Interface and Gateway IP
April 13, 2026, 07:45:38 AM
Hello,

I'm using ProtonVPN on my opensense with Wireguard and a tired gateway group for fallback. Unfortunately ProtonVPN seems to require the same interface and gateway ip for each server. I followed a tutorial (link in the bottom) that suggested to have "fake ips" and than map them back with 1:1 NAT rules. This actually works.

Now I really would like to enable IPv6 support for the tunnels. This works well for one tunnel, but if I try to do the same trick I did for IPv4 the second tunnel still has a packet loss of 100%. Can I somehow get this to work?

Thanks

Tutorial: https://old.reddit.com/r/ProtonVPN/comments/127zpbe/protonvpn_wireguard_multiconnection_on_pfsense/
#2
Virtual private networks / Wireguard setup fail over connection
June 19, 2024, 11:34:12 AM
Hi

I'm routing part of my traffic via proton VPN with policy routing. I used this tutorial https://docs.opnsense.org/manual/how-tos/wireguard-client-proton.html

Now.I want to setup a fail over connection to another ProtonVPN server. Unfortunately this does not seem to be possible with Wireguard. So I'm using a OpenVPN connection for the second tunnel.

Unfortunately I ran into another issue: The tutorial suggested to add the ProtonVPN server as the upstream DNS-Server. This server is only reachable via the Wireguard Tunnel, but not via the OpenVPN connection.(Different IP Segment).
I tried to remove the upstream DNS config and set the outgoing interface for unbound to my Wireguard tunnel, but with this setup unbound can't resolve anything. It looks like unbound can't properly route via the Wireguard interface if it tries to reach a public IP.

What did I wrong?
#3
General Discussion / Unbound ignores outgoing interface
June 06, 2024, 06:29:15 AM
Hey

I have a Wireguard tunnel with conditional (firewall rule based) routing. I would like to force unbound through the tunnel. I'm used to pfsense configuration. All I had to do there was setting the "Outgoing Network Interfaces" in unbound. On my opnsense configuration this option does nothing. The requests are still send via the default/wan interface.

What did I miss.
#4
Virtual private networks / DNS-Server option on a Wireguard instance
June 06, 2024, 06:09:47 AM
Hey

What does the DNS-Server option on a Wireguard instance configuration do? I know what it does when set on the client, but what happens exactly when I set it on the opnsense?
Pages1