"
Yeah, that IP is the Nord endpoint. So you are not setting a local gateway IP. Might update the guide to allow for this
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
#32
General Discussion / Wiregaurd with VLAN selective routing
March 26, 2023, 01:07:01 AM
Might actually be a good idea to share your configuration info that you have from your VPN provider to ensure that I have that straight. Otherwise the assumptions I am making may be totally wrong
I see you are using NordVPN. They make it trickier to get config info due to their preference that users use their NordLynx application (at least they used to)
I see you are using NordVPN. They make it trickier to get config info due to their preference that users use their NordLynx application (at least they used to)
#33
General Discussion / Re: Wiregaurd with VLAN selective routing
March 26, 2023, 12:47:59 AM
Several things (making some assumptions about tunnel IPs based on what you have currently):
- Gateway config - IP address should be 10.5.0.1. Remove the monitor IP for the time being (once the tunnel is working you can run a traceroute to figure out what the VPN tunnel IP is at the VPN provider's end, unless you already know that)
- OPNsense local config - Tunnel address should be 10.5.0.2/32 - I am assuming this is what your VPN provider has said should be set as the tunnel IP at your end
- OPNsense endpoint config - Allowed IPs should just be 0.0.0.0/0
- Gateway config - IP address should be 10.5.0.1. Remove the monitor IP for the time being (once the tunnel is working you can run a traceroute to figure out what the VPN tunnel IP is at the VPN provider's end, unless you already know that)
- OPNsense local config - Tunnel address should be 10.5.0.2/32 - I am assuming this is what your VPN provider has said should be set as the tunnel IP at your end
- OPNsense endpoint config - Allowed IPs should just be 0.0.0.0/0
#34
23.1 Legacy Series / Re: When Mullvad Wireguard VPN is turned on, no internet on non-VPN interfaces
March 26, 2023, 12:38:17 AM
Neither.
It's the local IPs of the particular machines/VMs etc that you want to use the tunnel.
Eg you have a PC on 192.168.1.10 in your network. Include that.
Or you have an entire VLAN subnet like 10.0.1.10/24 that you want anything on that subnet to use the tunnel. Include that.
It's the local IPs of the particular machines/VMs etc that you want to use the tunnel.
Eg you have a PC on 192.168.1.10 in your network. Include that.
Or you have an entire VLAN subnet like 10.0.1.10/24 that you want anything on that subnet to use the tunnel. Include that.
#35
General Discussion / Re: Wiregaurd with VLAN selective routing
March 25, 2023, 02:34:53 PM
You're missing some of the most important info - your WG configs and the gateway, for example.
Can I suggest that you show what you have set up for each step of the wiki how-to?
Can I suggest that you show what you have set up for each step of the wiki how-to?
#36
23.1 Legacy Series / Re: dpinger - two instances but only single gateway to monitor
March 25, 2023, 04:55:58 AM
I'd guess remove the duplicate from config.xml
#37
General Discussion / Re: Wiregaurd with VLAN selective routing
March 25, 2023, 02:26:43 AM
It would probably be more productive for you to post screenshots of all your configs (masking private keys), as your situation will be different to others.
#38
23.1 Legacy Series / Re: When Mullvad Wireguard VPN is turned on, no internet on non-VPN interfaces
March 22, 2023, 09:55:13 PM
Sounds like you want to implement selective routing: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
#39
Tutorials and FAQs / Re: Changing IP on a public network with OpenVPN?
March 21, 2023, 08:27:10 AM
You can do it without a VPS, but you still need another endpoint with a different public IP to tunnel through. That's what commercial VPN providers like Mullvad are commonly used for, if you don't want to roll your own solution with a VPS
#40
Virtual private networks / Re: Multiple server/local instances of wireguard
March 20, 2023, 08:36:29 PM
Hopefully you didn't do everything exactly the same, as you will have conflicting subnets, ports, keys etc. xD Post configs?
#41
23.1 Legacy Series / Re: Auto-generated blocking rules after update from 23.1 to 23.1.3_4
March 19, 2023, 12:54:46 AM
Those rules are not new to the update and won't be causing your issues
#42
23.1 Legacy Series / Re: dpinger Needs Frequent Manual Restarts - Multi-WAN
March 06, 2023, 09:11:41 PM
This may help you: https://forum.opnsense.org/index.php?topic=18745.msg97953#msg97953
#43
Tutorials and FAQs / Re: Is there a guide on how to migrate from pfsense to opnsense?
March 04, 2023, 01:34:25 PM
Not sure what json you are referring to. OPNsense's primary configuration file is /conf/config.xml
#44
Tutorials and FAQs / Re: Is there a guide on how to migrate from pfsense to opnsense?
March 04, 2023, 12:20:23 AM
Back a few versions ago the underlying code was similar enough that a direct import was possible. That's not the case now
#45
Virtual private networks / Re: Access far ressources via wireguard (routing problem)
February 27, 2023, 06:20:19 AM
You should be able to achieve this by firewall rules (policy based routing) and allowed IPs in WG
