Topic: WireGuard RoadWarrior Internet Access not working (Read 1714 times)
jimjohn (Full Member, Posts: 128, Karma: 3)
WireGuard RoadWarrior Internet Access not working
on: August 28, 2021, 08:17:53 pm
Hi,
I ultimately want to set up a WireGuard Road Warrior setup to be able to "secure" my mobile device's WiFi traffic in public networks. As an initial test, I want to connect locally (from my home network behind OPNsense) to the WG server running on the OPNsense, routing my traffic directly to the internet without any interference to local networks. Once this works, I want to do the same on the WAN interface with a port forward from my ISP's router.
Therefore, I followed that guide:
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
I was able to get a handshake and a successful Wireguard connection (OPNsense => Wireguard => Handshake => Latest Handshake available).
I also added a FW rule to the "WireGuardRoadWarrior" Interface that I added as given in the tutorial:
IPv4 TCP/UDP SOURCE WireGuardRoadWarrior net * DESTINATION !RFC1918 (My alias that I use for _the internet_) *
Unfortunately, I cannot reach public addresses; however, I can reach the OPNsense web GUI. I also see the WG traffic (DEST PORT 51820) and the WireGuardRoadWarrior Interface traffic on :443 on the live log. However, my browser does not get a response.
Do you have any ideas what the problem could be?
Here's the output from the WireGuard page on OPNsense:

interface: wg0
  public key: XXXXX
  private key: (hidden)
  listening port: 51820

peer: YYYYY
  endpoint: 10.0.1.11:57092
  allowed ips: 10.10.10.2/32
  latest handshake: 1 minute ago
  transfer: 23.49 KiB received, 29.60 KiB sent

Here's the PEER CONFIG:

[Interface]
PrivateKey = ZZZZ
Address = 10.10.10.2/24

[Peer]
PublicKey = ZZZZ
AllowedIPs = 0.0.0.0/0
Endpoint = 10.0.1.1:51820

Let me know if you require any more information.
... or should I rather use OpenVPN?
jimjohn (Full Member, Posts: 128, Karma: 3)
Re: WireGuard RoadWarrior Internet Access not working
Reply #1 on: August 28, 2021, 09:19:34 pm
OK, solved.
I forgot the DNS setting in my client's config.
Here's the complete working client config:

[Interface]
PrivateKey = XXX
Address = 10.10.10.2/24
DNS = 10.0.1.1

[Peer]
PublicKey = ZZZ
AllowedIPs = 0.0.0.0/0
Endpoint = 10.0.1.1:51820

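A check for the condition reply #1 describes, a full-tunnel client config (AllowedIPs = 0.0.0.0/0) with no DNS line, written as an added example that is not part of the original posts. The function names are hypothetical, the sample configs are constructed from the two configs in this thread, and the extra check that each DNS server falls inside AllowedIPs is an assumption of this example.

```python
import ipaddress

# Constructed from the two client configs posted in this thread (placeholder keys).
BROKEN = """[Interface]
PrivateKey = ZZZZ
Address = 10.10.10.2/24
[Peer]
PublicKey = ZZZZ
AllowedIPs = 0.0.0.0/0
Endpoint = 10.0.1.1:51820
"""
WORKING = BROKEN.replace("[Peer]", "DNS = 10.0.1.1\n[Peer]")

def parse_wg_conf(text):
    """Parse wg-quick text into [(section, {key: [values]})]; repeated [Peer] blocks are kept."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = (part.strip() for part in line.split("=", 1))
            values = [v.strip() for v in value.split(",") if v.strip()]
            sections[-1][1].setdefault(key.lower(), []).extend(values)
    return sections

def check_client(text):
    """Return findings about DNS handling in a WireGuard client config (hypothetical helper)."""
    sections = parse_wg_conf(text)
    iface = next((kv for name, kv in sections if name == "interface"), {})
    routed = [ipaddress.ip_network(net, strict=False)
              for name, kv in sections if name == "peer"
              for net in kv.get("allowedips", [])]
    servers = []
    for entry in iface.get("dns", []):
        try:
            servers.append(ipaddress.ip_address(entry))
        except ValueError:
            pass  # wg-quick treats non-IP DNS entries as search domains
    findings = []
    if any(net.prefixlen == 0 for net in routed) and not servers:
        findings.append("full tunnel but no DNS server in [Interface]")
    for ip in servers:
        if not any(ip in net for net in routed):
            findings.append(f"DNS {ip} is not covered by AllowedIPs")
    return findings

if __name__ == "__main__":
    for label, conf in (("first post", BROKEN), ("reply #1", WORKING)):
        print(label, "->", check_client(conf) or "ok")
```

An IPv6 resolver combined with an IPv4-only AllowedIPs is reported by the second check, since queries to it would not be routed through the tunnel.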
enkrates (Newbie, Posts: 2, Karma: 0)
Re: WireGuard RoadWarrior Internet Access not working
Reply #2 on: August 30, 2021, 03:24:30 am
Curious, when you enter the endpoint for your WireGuard remote peer (e.g., mobile device), do you use the public IP/port (92.134.66.12:51820) or the domain name/port (mydomianname.com:51820)?
I can't get my setup to do a handshake and I think it's because I use IP address/port for the endpoint and not domain name.
Greelan (Hero Member, Posts: 1028, Karma: 72)
Re: WireGuard RoadWarrior Internet Access not working
Reply #3 on: August 30, 2021, 04:48:59 am
You can use either.