[Solved] Wireguard - wg0 not available at interfaces.

Started by Yolo, December 10, 2019, 09:00:54 PM

I am trying to get WireGuard going using this tutorial: https://blog.linuxserver.io/2019/11/16/setting-up-wireguard-on-opnsense-android/

One of the steps I need to take is to create a new assignment for wg0, so that traffic can flow. However, when I go to assignments, wg0 is nowhere to be found. Logging in via ssh and listing all the interfaces gives me only the WAN and LAN. I installed the plugin using the System - Firmware - Plugins method.

Does anyone have any idea what might be going wrong here?


December 10, 2019, 11:01:56 PM #2 Last Edit: December 10, 2019, 11:09:31 PM by Yolo
I thought it kept running, but the service keeps stopping. Only see this in the logs:

Dec 10 23:07:30   kernel: wg0: link state changed to DOWN
Dec 10 23:07:30   kernel: tun0: changing name to 'wg0'


Quote from: mimugmail on December 11, 2019, 06:05:48 AM
Can you start WireGuard via CLI and check the output?

Could you explain to me how to do that? Probably need to ssh in and then?

SSH, Type 8 for Console, then:

/usr/local/etc/rc.d/wireguard restart

December 11, 2019, 07:25:42 AM #6 Last Edit: December 11, 2019, 07:38:45 AM by Yolo
Quote from: mimugmail on December 11, 2019, 06:55:13 AM
SSH, Type 8 for Console, then:

/usr/local/etc/rc.d/wireguard restart

Running that command gives:

Quote
/usr/local/etc/rc.d/wireguard restart
wg-quick: `wg0' is not a WireGuard interface
  • wireguard-go wg0
    INFO: (wg0) 2019/12/11 07:23:21 Starting wireguard-go version 0.0.20191012
  • wg setconf wg0 /tmp/tmp.64MsU480/sh-np.qmmiA2
    Line unrecognized: `PublicKey='
    Configuration parsing error
  • rm -f /var/run/wireguard/wg0.sock

When I look at /usr/local/etc/wireguard/wg0.conf, I get the following:

Quote
[Interface]
Address = 10.0.2.0/24
DNS = 1.1.1.1
ListenPort = 51820
PrivateKey = CN93K+/YuYpMlQbCm0caalsRnJWU+EfP4kgU+g*****=
[Peer]
PublicKey = QKXb7WW8VdGGDLz4LMOleM/Eh8tq8fGTYnPZmf*****=
AllowedIPs = 10.0.2.2/32
PersistentKeepalive = 60
[Peer]
PublicKey =
AllowedIPs = 10.0.2.3/32
PersistentKeepalive = 60

So only the peer public key is empty, but that is correct, right? Since this is the server.

That 2nd peer public key needs to be filled in :)
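
A pre-flight check for the failure shown above, as an added example that is not part of the original posts: a shell function that scans a wg-quick style config for empty or malformed key fields before the service is restarted. The function names and the placeholder keys in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint a wg-quick style config for bad key fields.
# A WireGuard key is 32 bytes, i.e. 44 base64 characters ending in one "=".

# check_wg_conf [FILE]   (reads stdin when FILE is omitted)
# Prints one line per problem; returns 0 if clean, 1 if problems were found.
check_wg_conf() {
    awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    {
        sub(/\r$/, "")                 # tolerate CRLF line endings
        line = $0
        sub(/#.*/, "", line)           # drop comments
        line = trim(line)
        if (line == "") next
        if (line ~ /^\[.*\]$/) {       # section header: [Interface] or [Peer]
            section = tolower(line)
            if (section == "[peer]") peer++
            next
        }
        eq = index(line, "=")          # split on the FIRST "="; keys end in "="
        if (eq == 0) next
        key = trim(substr(line, 1, eq - 1))
        val = trim(substr(line, eq + 1))
        lk = tolower(key)
        if (lk != "privatekey" && lk != "publickey" && lk != "presharedkey") next
        where = (section == "[peer]") ? "peer #" peer : "[Interface]"
        if (val == "") {
            printf "line %d: %s: %s is empty\n", NR, where, key
            bad = 1
        } else if (length(val) != 44 || val !~ "^[A-Za-z0-9+/]+=$") {
            printf "line %d: %s: %s is not a 44-character base64 key\n", NR, where, key
            bad = 1
        }
    }
    END { exit bad + 0 }
    ' "${1:--}"
}

# Constructed sample shaped like the wg0.conf in this thread. The key is a
# placeholder (43 "A" characters plus "="), not a real key.
sample_conf() {
    k=$(printf '%043d' 0 | tr 0 A)=
    printf '%s\n' '[Interface]' 'ListenPort = 51820' "PrivateKey = $k" \
        '[Peer]' "PublicKey = $k" 'AllowedIPs = 10.0.2.2/32' \
        '[Peer]' 'PublicKey =' 'AllowedIPs = 10.0.2.3/32'
}
```

Running `sample_conf | check_wg_conf` reports the second peer's empty PublicKey; on the firewall the function would be pointed at /usr/local/etc/wireguard/wg0.conf instead.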

December 11, 2019, 05:38:20 PM #8 Last Edit: December 11, 2019, 10:43:51 PM by Yolo
Solved the issue. Apparently, I created a peer without a public key in the past. Since it was not working, I deleted the plugin and reinstalled it. I think that wg0.conf wasn't deleted when I removed the plugin (have not verified this), so the old settings were still there. Deleted wg0.conf, deleted the plugin, rebooted OPNsense, installed the plugin and this time I got the wg0 interface.

Thanks for all the support!

Now onto the next challenge. I am connected to the OPNsense firewall, but cannot reach anything on the network or on the internet...

April 02, 2020, 02:08:18 PM #9 Last Edit: April 02, 2020, 02:11:57 PM by Spoonman2002
- create gateway in System > Single > Gateways
- create a rule (or rules) in Firewall > NAT > Outbound.
also see this thread:
https://forum.opnsense.org/index.php?topic=15105.msg70130#msg70130