Migrate existing Wireguard road warrior setup to OpnSense?

Started by EricE, May 21, 2021, 04:24:18 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 21, 2021, 04:24:18 PM
I have an existing Wireguard road warrior setup on a raspberry pi, but now that I have upgraded my OpnSense hardware to something more robust I should easily be able to consolidate everything onto OpnSense.  I've looked over the documentation and the configuration forms in the GUI, but there doesn't seem to be an easy (or at least obvious) way to transfer over the configuration of an existing Wireguard into OpnSense?  It appears to insist on auto generating all the keys and there doesn't appear to be a way to change them later?

I suppose I could configure a road warrior Wireguard, save a firewall backup file then edit it with all my existing keys and finally restore that backup - that would probably work but am I missing something that might be easier? 

It feels like with the editing backup path I could easily miss something significant that would make troubleshooting really fun either immediately or even better (ha!) much later. 
May 21, 2021, 10:46:20 PM #1
If you re-edit the local config after it auto-generates keys the first time, then you can easily replace the keys

If you are looking for a solution to upload multiple configs at once rather than creating them manually, I recall a few weeks ago a topic here on that, and using the API for it
May 21, 2021, 10:49:05 PM #2
Aha - so the config *is* in there somewhere, eh?  I have seen everything but the path to where they are - can you give met the path?

Is it saved as part of the firewall backup/restore through the GUI or is it something I need to track separately?

Thanks!
May 21, 2021, 10:57:09 PM #3
May 21, 2021, 10:58:26 PM #4
But you can also easily edit keys in the GUI AFAIK
June 15, 2021, 03:55:38 PM #5
Quote from: Greelan on May 21, 2021, 10:58:26 PM
But you can also easily edit keys in the GUI AFAIK

D'oh!  Of course - let it do the initial set up, then just edit to match my existing configuration.  How dumb of me - making it harder than it was.  Thanks for pointing out the obvious :)
Print
Go Up Pages1
User actions