Virtual private networks / WireGuard - Multiple Endpoints/Interfaces
« on: January 26, 2021, 05:54:39 pm »
Hi everyone,
First post here. I am new to OPNsense and seek your help.
I am trying to configure two WireGuard endpoints to be able to route traffic from different hosts on my network through different VPN tunnels. The idea is for all traffic to be routed through the main VPN tunnel and a few hosts that need region unlock to go through the second tunnel. Also I would like to prevent my ISP's IP from leaking in case the VPN tunnels are down.
So far I tried:
1. Single local entry with two endpoints. - In this case I see two handshakes and two peers but only one is used. If I disable either one of the endpoints it starts using the other one. I tried changing the allowed IPs on each endpoint but then it stops working completely. In the "List Configuration" one of the peers comes up with "allowed ips: (none)" and the active one with "allowed ips: 0.0.0.0/0".
2. Two local entries each configured with a single endpoint. - This creates two interfaces wg0 and wg1. If both local entries are enabled only wg0 is available. If I disable the first local entry wg1 becomes available and of course the second tunnel is used.
I have both interface assignments and NAT rules.
In both cases I can use either one or the other, but not both tunnels at the same time. Is this use case even possible?
Any help would be greatly appreciated.
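
The "allowed ips: (none)" line seen in attempt 1 is consistent with WireGuard's cryptokey routing: on one interface each prefix belongs to exactly one peer, and the outbound peer is chosen by destination address, not by the sending host. The following is an added example, not part of the original post and not OPNsense or WireGuard code: a toy Python model of that table, in which the peer names `vpn_main` and `vpn_region` and the prefix `198.51.100.0/24` are invented for illustration.

```python
import ipaddress

class AllowedIPsTable:
    """Toy model of one WireGuard interface's allowed-IPs table (assumption: IPv4 only)."""

    def __init__(self):
        self.owner = {}  # network -> peer name; a prefix has exactly one owner

    def set_allowed_ips(self, peer, prefixes):
        # Replace the peer's list; a prefix already held by another peer moves here.
        self.owner = {n: p for n, p in self.owner.items() if p != peer}
        for prefix in prefixes:
            self.owner[ipaddress.ip_network(prefix)] = peer

    def show(self, peer):
        nets = sorted(str(n) for n, p in self.owner.items() if p == peer)
        return ", ".join(nets) if nets else "(none)"

    def route(self, dst):
        # Outbound peer selection: longest-prefix match on the DESTINATION address.
        addr = ipaddress.ip_address(dst)
        matches = [n for n in self.owner if addr in n]
        if not matches:
            return None  # no peer accepts this destination; packet is dropped
        return self.owner[max(matches, key=lambda n: n.prefixlen)]


def overlapping_default_routes():
    # Attempt 1 from the post: one local entry, both endpoints given 0.0.0.0/0.
    wg0 = AllowedIPsTable()
    wg0.set_allowed_ips("vpn_main", ["0.0.0.0/0"])
    wg0.set_allowed_ips("vpn_region", ["0.0.0.0/0"])  # takes the prefix over
    return wg0

def split_by_destination():
    # Non-overlapping prefixes keep both peers active, but the split is by
    # destination network, not by which LAN host sent the packet.
    wg0 = AllowedIPsTable()
    wg0.set_allowed_ips("vpn_main", ["0.0.0.0/0"])
    wg0.set_allowed_ips("vpn_region", ["198.51.100.0/24"])  # constructed prefix
    return wg0

if __name__ == "__main__":
    t = overlapping_default_routes()
    print("vpn_main   allowed ips:", t.show("vpn_main"))
    print("vpn_region allowed ips:", t.show("vpn_region"))
    s = split_by_destination()
    print(s.route("198.51.100.7"), s.route("203.0.113.9"))
```

In this model a single interface cannot send "host A via tunnel 1, host B via tunnel 2" to the same destination, which is why per-host selection needs one interface per tunnel plus source-based firewall rules.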

