[SOLVED] Can't create WG Gateway for selective routing

Started by Manual6938, August 15, 2023, 08:03:20 AM

August 15, 2023, 08:03:20 AM Last Edit: August 15, 2023, 08:59:52 AM by Manual6938
EDIT: Never mind, it now allows me to after fully toggling WireGuard off and on. I did a system restart as well as a restart through the widget, but it seems like those two were not sufficient.

Hello,

I am coming from pfSense and I'm following this guide to set up VPN routing: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

I've made it through to creating the gateway (Step 6) and I can see handshakes happening in the WG status. However, I'm unable to assign an IP address to the gateway because the interface has IPv4 type set to "None", which the guide instructs to do. This is the error given when attempting to create the gateway:
The following input errors were detected:
    Cannot add IPv4 Gateway Address because no IPv4 address could be found on the interface.

Am I missing something obvious? Any help would be appreciated very much.

Did you assign tunnel addresses to both sides of your WireGuard connection? Once the tunnel is up you should be able to create a gateway, but only after it is up.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

August 15, 2023, 08:48:56 AM #2 Last Edit: August 15, 2023, 08:59:34 AM by Manual6938
Yeah, I have set the IPs on both Local and the Endpoint. Under "Status" I see the following:
Quote
interface: wg1
  public key:  XXXXX
  private key: (hidden)
  listening port: 51821

peer: XXXXX
  endpoint: XXXXX
  allowed ips: 0.0.0.0/0
  latest handshake: 1 minute, 50 seconds ago
  transfer: 3.24 KiB received, 12.21 KiB sent
  persistent keepalive: every 25 seconds

If I set an IP address on the WireGuard interface, then I am able to create the gateway, but the guide specifically says to set the IP configuration to "None".

EDIT: Never mind, it now allows me to after fully toggling WireGuard off and on. I did a system restart as well as a restart through the widget, but it seems like those two were not sufficient.

The status does not show the tunnel IPs unfortunately. You did set an explicit tunnel IP address in addition to the allowed ips and the peer ip? Just be sure. So even with the interface configuration set to "none" the command ifconfig wg1 shows a configured IP address after the tunnel is brought up? Right?