Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
troubles with the setup
« previous
next »
Print
Pages: [
1
]
Author
Topic: troubles with the setup (Read 1325 times)
sandbox2011
Newbie
Posts: 1
Karma: 0
troubles with the setup
«
on:
September 07, 2021, 04:54:46 am »
Hi,
I moved from PFsense to OPNsense iand am facing a couple of road bumps:
1. Flushing states from the web interface doesn't work in 21.7. Manual flushing through the command line works (pfctl -F state).
2. The option "Schedule States" (to flush the states when the schedule enables a new rule) doesn't seem to work either.
3. The manual for configuring wireguard is quite confusing and incomplete. It doesn't mention several vital steps such as NATing, that wireguard interface is default deny (even if others are not), the need of assigning a dedicated interface, etc. Even with knowing this, the it's a jungle of options that one has to navigate with lots of traps. For example there is an interface "Wireguard", but it does nothing.
4. Some convenience features that would seem natural are not present. The traffic shaper cannot have a schedule associated, although the schedule feature is already present. The traffic shaper rules seem not to be able to use firewall aliases.
Has anyone experienced similar problems and found fixes?
Thanks
Logged
Greelan
Hero Member
Posts: 1028
Karma: 72
Re: troubles with the setup
«
Reply #1 on:
September 07, 2021, 12:24:47 pm »
3. The default “WireGuard” is an interface group, which aggregates all wgX devices.
Not sure what docs you are looking at or what your use case is, but neither NAT nor an interface is necessarily required. It all depends on what you are trying to achieve.
These may be helpful:
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
By default traffic is blocked on all interfaces in OPNsense unless specifically allowed. Out of the box the LAN interface has “allow to any” rules so that a working config applies without further configuration. Any new interfaces created do not.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
troubles with the setup