Assign Wireguard VPN to a physical port

Started by orybdunt, August 13, 2023, 03:21:28 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 13, 2023, 03:21:28 PM
Hi everyone, I configured ProtonVPN (Wireguard) on my OPNsense firewall ( I followed this guide).
The VPN works, but I don't want to route all traffic through the the VPN.
My firewall box has 3 ethernet interface, WAN, LAN and a free interface that a want to assign to the VPN.
I thought of creating a bridge between the wireguard wg0 interface and the igb2 interface but from what I understand it would not work because Wireguard is only layer 3. How could I do that?
August 13, 2023, 03:53:51 PM #1
Assign igb2 to a new interface (OPT1 by default) and configure it with its own subnet. Then add the rule from the "Firewall Rules" section of the guide to OPT1 instead of LAN.

Cheers
Maurice
OPNsense virtual machine images
OPNsense aarch64 firmware repository

Commercial support & engineering available. PM for details (en / de).
August 14, 2023, 02:32:31 PM #2
Thank you, much simpler than I had imagined.
I configured the OPT1 interface to its subnet, enabled the DHCP server by also specifying the VPN's internal DNS server, and had to add the firewall rule to allow DNS server communication.
It works perfectly, now when I want to use the VPN I just plug the Ethernet cable into the appropriate port.
Print
Go Up Pages1
User actions