Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
WireGuard setup required reboot, Unbound available on WAN
« previous
next »
Print
Pages: [
1
]
Author
Topic: WireGuard setup required reboot, Unbound available on WAN (Read 945 times)
You Me
Newbie
Posts: 1
Karma: 0
WireGuard setup required reboot, Unbound available on WAN
«
on:
August 03, 2022, 05:10:00 pm »
I struggled to get WireGuard installed, configured and working. It was frustrating because the setup and configuration is so simple, there aren't many places to check for mistakes. I have OPNSense 20.7 on a Shuttle mini PC. I discovered two things that finally got it working for me:
1. I had to reboot the hardware. At first I couldn't get anything to work. After issuing `service wireguard restart` from a shell, I could finally connect a peer but that peer couldn't access any network. After spending way too much time reviewing the interfaces and firewall rules, I rebooted the OPNsense hardware and then everything just worked. I can't tell you what changed (nothing in my config changed here) and now that it's working, I can't reproduce the problem. So unfortunately, I can't offer anything useful to the devs except it might be worth adding a note in the guides.
2. After the "networking" was functional, the remote peer could not access the native Unbound DNS server. My problem was that I had previously removed the WAN interface from the Unbound service network interfaces setting. Enabling Unbound DNS on WAN resolved this issue. In a way it makes sense that the remote peer is coming in through the WAN interface, I think I falsely assumed that the remote peer would appear to come in through wg0 interface I created (for which I had enabled for Unbound).
Hope that helps someone else. The setup is really quite simple and it works great. But geez, I spent a lot of befuddled time to get there. (When in doubt, reboot!)
สล็อตออนไลน์
Logged
QuaCKeReD
Newbie
Posts: 16
Karma: 0
Re: WireGuard setup required reboot, Unbound available on WAN
«
Reply #1 on:
August 03, 2022, 05:37:12 pm »
Hi,
We seem to be on the same path 😛
Do you have Unbound resolution from your WG client for external addresses AND local addresses? Or, like me, just external?
Logged
Unit: Protectli VP2410
CPU: Intel Celeron® J4125 Quad Core at 2 GHz (Burst up to 2.7 GHz)
RAM: 16GB DDR4
SSD: 256GB M.2 SATA
Broadband: Virgin Media VOLT
Down: 1.2Gbps
Up: 55Mbps
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
WireGuard setup required reboot, Unbound available on WAN