WireGuard Road Warrior Setup | Mandatory Private Key?

[dlopezjr]

Hello!

I'm going through the "WireGuard Road Warrior Setup" doc but running into issues on Step 1. (https://docs.opnsense.org/manual/how-tos/wireguard-client.html)

The guide states that the "Private key" will auto-generate, but I'm running into an error. It's stating that a "A value is required." for the "Private key" field and won't let me continue.

Is this a bug or a new expected behavior with outdated documentation?

Here is the version I'm on:

***GOT REQUEST TO CHECK FOR UPDATES***
Currently running OPNsense 24.1.5_3 at Sun Apr 14 07:59:58 UTC 2024
Fetching changelog information, please wait... done
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 844 packages processed.
All repositories are up to date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
Checking for upgrades (0 candidates): . done
Processing candidates (0 candidates): . done
Checking integrity... done (0 conflicting)
Your packages are up to date.
***DONE***

Here is a screenshot:

[Patrick M. Hausen]

Just click on the little cogwheel next to "Public key" and a key pair will be generated.

[dlopezjr]

Thanks Patrick, that solved Step 1. With your help was able to report this and able to get the doc updated: https://github.com/opnsense/docs/issues/553#event-12460614074

Now after step 3 (restarting WireGuard), I lose internet access on all my LAN devices. Someone was suggesting in a thread to checkmark "Disable routes" in the instance configuration. Is that a valid thing I should be doing? The documentation has no info on this.

EDIT:
Here is what the OPNsense config looks like:

Code: [Select]

$ awk -F'=' '/^/ { if ($1 ~ /Key/) print($1 "= <key>"); else print($0); }' </usr/local/etc/wireguard/wg0.conf

####################################################
# Interface settings, not used by `wg`             #
# Only used for reference and detection of changes #
# in the configuration                             #
####################################################
# Address =  10.10.10.1/24
# DNS =
# MTU =
# disableroutes = 1
# gateway =

[Interface]
PrivateKey = <key>
ListenPort = 51820

[Peer]
# friendly_name = phone
PublicKey = <key>

AllowedIPs = 0.0.0.0/0


[chemlud]

"Allowd IPs" 0.0.0.0/0 might be slightly over the top on the sense, if your phone is roadwarrior...

https://forum.opnsense.org/index.php?topic=36670.0