Firewall Rules - Wireguard Interface missing

Started by W0nderW0lf, July 27, 2020, 08:43:23 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
July 27, 2020, 08:43:23 AM
Hello everyone,

I am currently trying to configure VPN and after watching 2 Guides, there should be an Interface "Wireguard" under the Firewall rules. Unfortunately there isn't one and I wonder why?
The Guides I followed:
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
https://www.thomas-krenn.com/de/wiki/OPNsense_WireGuard_VPN_f%C3%BCr_Road_Warrior_einrichten

I cant find any error or warning in the logs, that may explain why the Wireguard rules are missing.

Are these guides out of date and the Wireguard Rules are deprecated?

Thx 4ward for any help
July 27, 2020, 09:03:54 AM #1
Just edit a random Firewall rule without doing changes and it's there
July 27, 2020, 09:21:12 AM #2
That didn't work.
I tried some steps but none of them worked:

I added the new firewall rule for WAN.
Reloaded all services.
Removed wireguard, rebooted and reinstalled
In the meantime I found out that there was an Update from 1.1 to 1.2 available. I updated it but still no Wireguard Rules. (See Attachment)
July 27, 2020, 09:38:26 AM #3
WireGuard service is enabled in General tab?
July 27, 2020, 09:48:11 AM #4
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
July 27, 2020, 09:55:37 AM #5
Quote from: pmhausen on July 27, 2020, 09:48:11 AM
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?

No need to assign, there should always be a WireGuard tab, assigned interfaces would be there in addition to WireGuard
July 27, 2020, 09:59:43 AM #6 Last Edit: July 27, 2020, 10:13:16 AM by W0nderW0lf
Quote from: pmhausen on July 27, 2020, 09:48:11 AM
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?

That worked! Missed that step on Assignments. Seems like the Thomas-Krenn guide is incomplete. Its not mentioned there.

Quote from: mimugmail on July 27, 2020, 09:55:37 AM
Quote from: pmhausen on July 27, 2020, 09:48:11 AM
Did you assign the wg0 interface to a symbolic name in the Interface -> Assignments UI?

No need to assign, there should always be a WireGuard tab, assigned interfaces would be there in addition to WireGuard

Seems like there are some exceptions. Maybe this works on FreeBSD with OpenSSL. I use Hardened and LibeSSL. But I have no clue what could cause this behaviour...
July 27, 2020, 10:27:49 AM #7
Quote from: mimugmail on July 27, 2020, 09:55:37 AM
No need to assign, there should always be a WireGuard tab, assigned interfaces would be there in addition to WireGuard
Hmm ... I could not add Wireguard to the MDNS Repeater service unless I created a "VPN" interface in Assignments first.

Kind regards,
Patrick
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
July 27, 2020, 11:33:27 AM #8
Correct, the first would just create a rules tab which matches packets running through an interface belonging to wireguard group, what you want to achieve is adding a feature to an interface which only works via assigning.
August 07, 2020, 10:53:32 AM #9
Wireguard cannot choose WAN interface? When I setup OpenVPN, and choose WAN interface and firewall rule will auto show openvpn tab. is this was the reson?
October 18, 2022, 05:16:19 PM #10
Had the same issue today, reboot and it showed up ;)

Print
Go Up Pages1
User actions