Messages - allebone

121
Virtual private networks / Re: Wireguard port - public wifi
« on: September 25, 2021, 12:58:19 am »
Ok I am running wireguard in kernel mode. Not the wireguard go version. What do you have?

122
Virtual private networks / Re: Wireguard port - public wifi
« on: September 24, 2021, 09:39:45 pm »
My OPNsense IP is 192.168.2.2 in case you wondered.

123
Virtual private networks / Re: Wireguard port - public wifi
« on: September 24, 2021, 09:38:52 pm »
Did you make sure under wireguard - local the port you are redirecting to is what wireguard is running on? Mine works totally fine. Here is a rule example of mine that works:

(My wireguard runs on 443 but I opened port 53 externally as a test.)


124
21.7 Legacy Series / Re: 21.7.3. - high CPU and MEM usage
« on: September 23, 2021, 05:19:38 am »
Same for me. 1 core pegged but a reboot fixed it totally for me.

125
Virtual private networks / Re: Wireguard port - public wifi
« on: September 22, 2021, 10:05:04 pm »
That would make it much harder. To test you would need to change the port to something else in your rule without changing anything else and confirm it works, and then if this is the case consider another port to use that might bypass. The best is 53 and 443 but if those are out of the question you might have success with port 465 as many firewalls allow this port (secure mail for gmail for example).

126
Virtual private networks / Re: Wireguard port - public wifi
« on: September 20, 2021, 11:31:28 pm »
I feel this would be a lot easier to test if you didn't leave your home and just checked it was working from your phone when you turn wifi on and off. Maybe start there as being able to switch back and forth is a lot easier.

127
Virtual private networks / Re: Wireguard over SSL or tunnel
« on: September 20, 2021, 09:19:18 pm »
Another person had this same question. Tunnel over port 443 or 53 both on UDP to try to bypass firewalls.

Pete

128
Virtual private networks / Re: Wireguard port - public wifi
« on: September 20, 2021, 09:17:51 pm »
Assuming your FW is 192.168.1.1 and WG runs on port 989 UDP then it looks correct to me.

129
Virtual private networks / Re: Wireguard port - public wifi
« on: September 20, 2021, 07:35:27 pm »
I tested on my firewall and it works perfectly so you will have to check your rules etc. You should do basic troubleshooting steps like checking the OPNsense server sees a handshake, if you can ping (rule out a DNS issue etc) and whatnot and report back with any interesting findings. Mine was running on port 443 and I just opened port 53 to redirect to 443 in addition and it worked without changing anything further so must be something your side that could be stopping it.

130
Virtual private networks / Re: Wireguard port - public wifi
« on: September 19, 2021, 07:47:06 pm »
Let me know how it goes and I can help further if need be.

131
Virtual private networks / Re: Wireguard port - public wifi
« on: September 19, 2021, 07:19:08 pm »
Yes it is safe because you are not exposing dns to the internet. Wireguard is designed to be exposed to the internet. The port is not relevant. My question was, did you expose adguard to the internet on port 53 (that is unsafe).

You should create a NAT rule. firewall - NAT. The appropriate rule will be created automatically when you make the NAT rule. You can see it and check it's correct in firewall, wan, rules afterwards. Making the NAT rule will make the second rule for you.

P

132
Virtual private networks / Re: Wireguard port - public wifi
« on: September 19, 2021, 07:09:29 pm »
Ok that's fine. If you don't forward on your wan (pic shows lan interface) port 53 then you can do a NAT rule on port 53 and redirect to a different internal port that wireguard runs on. So rule is interface wan, ipv4, udp, destination - 53, redirect to target port 51820 (or whatever you set wg port to be).

That way wireguard runs on a different port internally but externally, someone contacting your wan address on port 53 udp is redirected internally to the wg port.

That should bypass most airports etc with restrictions.

P

133
Virtual private networks / Re: Wireguard port - public wifi
« on: September 19, 2021, 03:13:28 am »
You have port 53 open to the whole internet?? I would recommend you don't do that. Perhaps you can explain your setup.

134
Virtual private networks / Re: Wireguard port - public wifi
« on: September 18, 2021, 01:28:00 pm »
I use port 443 udp and have not had an issue but you can also try port 53 udp.

135
Zenarmor (Sensei) / Re: SENSEI NOT BLOCKING ANYTHING AT ALL
« on: September 17, 2021, 10:48:00 pm »
I checked my sensei and can't find any issue with it. I don't change much on it ever so maybe it's because it was set up long ago and is still just working.

P

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved