WireGuard Road Warrior Setup | Mandatory Private Key?

Started by dlopezjr, April 14, 2024, 02:08:13 PM

Hello!

I'm going through the "WireGuard Road Warrior Setup" doc but running into issues on Step 1. (https://docs.opnsense.org/manual/how-tos/wireguard-client.html)

The guide states that the "Private key" will auto-generate, but I'm running into an error. It's stating that "A value is required." for the "Private key" field and won't let me continue.

Is this a bug or a new expected behavior with outdated documentation?

Here is the version I'm on:
***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 24.1.5_3 at Sun Apr 14 07:59:58 UTC 2024
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 844 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (0 candidates): . done
Processing candidates (0 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

Here is a screenshot:

Just click on the little cogwheel next to "Public key" and a key pair will be generated.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

April 20, 2024, 02:19:11 PM #2 Last Edit: April 20, 2024, 02:38:12 PM by dlopezjr
Thanks Patrick, that solved Step 1. With your help I was able to report this and get the doc updated: https://github.com/opnsense/docs/issues/553#event-12460614074

Now after step 3 (restarting WireGuard), I lose internet access on all my LAN devices. Someone was suggesting in a thread to checkmark "Disable routes" in the instance configuration. Is that a valid thing I should be doing? The documentation has no info on this.

EDIT:
Here is what the OPNsense config looks like:


$ awk -F'=' '/^/ { if ($1 ~ /Key/) print($1 "= <key>"); else print($0); }' </usr/local/etc/wireguard/wg0.conf

####################################################
# Interface settings, not used by `wg`             #
# Only used for reference and detection of changes #
# in the configuration                             #
####################################################
# Address =  10.10.10.1/24
# DNS =
# MTU =
# disableroutes = 1
# gateway =

[Interface]
PrivateKey = <key>
ListenPort = 51820

[Peer]
# friendly_name = phone
PublicKey = <key>

AllowedIPs = 0.0.0.0/0


"Allowed IPs" 0.0.0.0/0 might be slightly over the top on the sense, if your phone is roadwarrior...

https://forum.opnsense.org/index.php?topic=36670.0
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
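
An added example, not part of the original posts or of OPNsense itself: a small Python check that parses a wg0.conf like the one posted above and names the peers whose AllowedIPs contain a default route (0.0.0.0/0 or ::/0), the setting the last reply questions for a road-warrior phone. The function names, the second peer and its addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample modelled on the config posted in this thread (keys redacted).
SAMPLE = """\
# disableroutes = 1

[Interface]
PrivateKey = <key>
ListenPort = 51820

[Peer]
# friendly_name = phone
PublicKey = <key>
AllowedIPs = 0.0.0.0/0

[Peer]
# friendly_name = laptop
PublicKey = <key>
AllowedIPs = 10.10.10.3/32, fd00::3/128
"""

def parse_peers(text):
    """Return one dict per [Peer] section: friendly name and parsed AllowedIPs."""
    peers, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            current = {"name": None, "allowed": []} if line == "[Peer]" else None
            if current is not None:
                peers.append(current)
            continue
        if current is None or "=" not in line:
            continue
        key, value = (part.strip() for part in line.lstrip("# ").split("=", 1))
        if key == "friendly_name":  # OPNsense writes the peer name as a comment
            current["name"] = value
        elif key == "AllowedIPs" and not raw.lstrip().startswith("#"):
            current["allowed"] += [ipaddress.ip_network(v.strip(), strict=False)
                                   for v in value.split(",") if v.strip()]
    return peers

def default_route_peers(text):
    """Names of peers whose AllowedIPs include a /0 network (IPv4 or IPv6)."""
    return [p["name"] or "<unnamed>" for p in parse_peers(text)
            if any(net.prefixlen == 0 for net in p["allowed"])]

if __name__ == "__main__":
    for name in default_route_peers(SAMPLE):
        print(f"peer {name}: AllowedIPs contains a default route (/0)")
```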