Problem getting Wireguard-VPN Roadwarrior Setup to work

[sashxp]

Hi Guys,

i can't get my new Wireguard VPN Setup to work. I can't see established connection but i cant see my Mistake!? Perhaps some of the Wireguard Experts could help me a bit?!

1. Server Setup, i have configured the following things on the OPNSense Site:






upload pictures

2. On the iPhone i have configured as following:


Perhaps i have missed just a little? So, please help me :-)

i have read the following Links:
https://forum.opnsense.org/index.php?topic=11737.0
https://forum.opnsense.org/index.php?topic=13461.0
https://genneko.github.io/playing-with-bsd/networking/freebsd-wireguard-quicklook/
the great site from mimugmail https://www.routerperformance.net/opnsense/opnsense-and-wireguard/


sash

[mimugmail]

On the iPhone allowed IPs should be 0.0.0.0/0 in ordner to get everything over the tunnel.

[sashxp]

I don't think that this would be the Problem. I don't get a "handshake" - and i don't find the right Log to locate the Problem.

Can it be a Problem with the Keys? Or the Endpoints?

[mimugmail]

Public Key of Server and Endpoint can't be the same, this doesn't make sense.

[sashxp]

Wooohooooo Thank you! That was it! Everything works now like a charm

[sashxp]

Now i try to get AZIREVPN to work with WireGuard. I'll follow your tut at https://www.routerperformance.net/opnsense-wireguard-plugin-azirevpn/ :-) Thank you!

[mimugmail]

It's also at the official doc at docs.opnsense.org

[sashxp]

Next Problem in Configuration is to add a Gateway which doesn't work. I follow your Tut, but i cannot create a Gateway. If i click to add and fill in the fields, and then apply the settings, there is no new entry.

am i doing something wrong or is it just a bug?

Screenshots:

[sashxp]

Okay, i've testing around and "created" tons of Gateway entry but none showed up in the Table of the Gateways.

if i export my config i see tons of gateways, all for opt3 (the azirevpn interface)

Code: [Select]


<gateway_item>
      <interface>opt3</interface>
      <gateway>dynamic</gateway>
      <name>x</name>
      <priority>255</priority>
      <weight>1</weight>
      <ipprotocol>inet</ipprotocol>
      <interval/>
      <descr/>
      <monitor_disable>1</monitor_disable>
</gateway_item>

in addition i have now 4 dpinger service instances which couldn't start and my "real gateway" to route the Traffic isnot there.

@mimugmail - are you having a hint? Or is it just a bug in OPNSense?! At this point i did not get any further.

[mimugmail]

Can you open config.xml and remove those entries by hand, then add a new gateway via UI and instead of using IP "dynamic", set the gateway IP of Azire.

[mimugmail]

https://forum.opnsense.org/index.php?topic=13728.msg63369#msg63369