How do I route all traffic to external VPN?

[novel]

Hello,

I followed this article:

https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

but I never be connected through VPS.

I have successfully setup a wireguard vpn server in VPS, and wireguard client on my raspberry pi. 

Now I want to route all traffic from local network via opnsense to VPS (wireguard server) with the same setup. I don't want to use raspberry pi as wireguard client. I want the  wireguard client will be the opnsense firewall instead raspberry pi and wireguard server the vps as it is.

Is there anyone can be solve this problem?

I appreciate any help.

Thank you.

[frozen]

There's very little support or documentation for any of us messing with External VPN's.  I've been posting here looking for help for days now and rarely does anybody contribute

OPNsense software is way overcomplicating things, as you've seen by simply trying to follow that selective routing guide, it should've been possible in less than half the steps.  And once the guide is done and followed to the tee, they leave you completely dry with how to make use of it afterwards!

[novel]

There's very little support or documentation for any of us messing with External VPN's.  I've been posting here looking for help for days now and rarely does anybody contribute

OPNsense software is way overcomplicating things, as you've seen by simply trying to follow that selective routing guide, it should've been possible in less than half the steps.  And once the guide is done and followed to the tee, they leave you completely dry with how to make use of it afterwards!

I believe in people here. I hope to someone here that know much more than me  for wireguard opnsense. I have been waiting someone to help me.

[netnut]

There's very little support or documentation for any of us messing with External VPN's.  I've been posting here looking for help for days now and rarely does anybody contribute

You know this is a community forum ? If you need a fix _now_ for your mission-critical setup: https://shop.opnsense.com/product-categorie/support/

OPNsense software is way overcomplicating things, as you've seen by simply trying to follow that selective routing guide, it should've been possible in less than half the steps.

Where can we find your lean-and-mean, just enough, easy configuration How-To, really like to read it.

And once the guide is done and followed to the tee, they leave you completely dry with how to make use of it afterwards!

Just send packets, no magic involved...

[novel]

Is anybody here? Can anyone help me?

I am able to post more information if you wish!


Thank you

[Patrick M. Hausen]

If you do not post all details of all your configuration concerning that VPN how should anyone help? Remove private keys, of course but we need all tunnel settings, all IP addresses, all associated firewall rules - of course.

[novel]

Here we go...

I can't post more pictures

[novel]

more pictures

[novel]

more pictures

[Patrick M. Hausen]

Is the tunnel up and can you ping the internal tunnel address at the other end from the firewall?

Second NAT on the firewall won't be enough. Once the tunnel works you will need to NAT all oubound traffic to the public IP of the other end. And this must be done at the other end.

[novel]

Is the tunnel up and can you ping the internal tunnel address at the other end from the firewall?

Second NAT on the firewall won't be enough. Once the tunnel works you will need to NAT all oubound traffic to the public IP of the other end. And this must be done at the other end.

First of all thank you very much...

When enable tunnel it doesn't work anything. So, I cannot ping. So, would you like tell me what rules I need?

[Patrick M. Hausen]

From where do you ping where? You need to open a shell on the firewall with SSH and ping the other side of the tunnel.

[novel]

From where do you ping where? You need to open a shell on the firewall with SSH and ping the other side of the tunnel.

Look at the result of my ping . This is from opnsense shell...

[Patrick M. Hausen]

wg
netstat -rn

please.

Also what does the WireGuard configuration on the VPS look like?

[novel]

wg
netstat -rn

please.

Also what does the WireGuard configuration on the VPS look like?

I ddn't understand what do you mean "Also what does the WireGuard configuration on the VPS look like?"

please look at the picture..