How do I route all traffic to external VPN?

[tiermutter]

It is still not proved that the connection is succesfully established.
I do not use OPNsense as WG client, hence I don't know where to prove it... VPN/Diagnostics?
On WG server side (debian) there should be logs. As said, first we need to prove that WG itself is working.

[novel]

It is still not proved that the connection is succesfully established.
I do not use OPNsense as WG client, hence I don't know where to prove it... VPN/Diagnostics?
On WG server side (debian) there should be logs. As said, first we need to prove that WG itself is working.

On vps there  is handshake   ....on opnsesne diagnostic there is not handshake

[tiermutter]

Ok.
You did not ping from Sense to VPS. Try both again and make sure that FW on each side allows pinging (ICMP).

[novel]

Ok.
You did not ping from Sense to VPS. Try both again and make sure that FW on each side allows pinging (ICMP).

Debian Is completely open and allow ping. from OPNsense I think it is allow ping.  I am NOT sure

I will post 2 screenshots . One screensho from debian wg server and second picture from shell's opnsense.



both pings show resulst only  for 8.8.8.8

[tiermutter]

I cannot ping It stucks

Now ping works without any changes?
And traceroute from Sense to 8.8.8.8?

[novel]

I cannot ping It stucks

Now ping works without any changes?
And traceroute from Sense to 8.8.8.8?

Yes, I can ping both sides but but I cannot as I said f the ip adress of wg server and client.

So traceroute 8.8.8.8  works only on wg server. On opnsense the resuls are very slowly but works very very slow


DONT FORGET THAT I CANNOT PING

[novel]

I am wonder here in this forum. There are so many user, but only two they tryied to help me. So far we didn't solved the problem with two guys. I hope to answer again.

So, am I a unique person that wants to setup wireguard server and client on OPNsense?

All users has successfully setup wg client with external vpn endpoint or they don't care about my question.

Please, if someone knows and wants to help me I am able to connect to my system wtih anydesk to check my firewall.

Please I ask help from anyone. I would like to solve this problem.

Thank you

[tiermutter]

Issue #1 is that no one will enter this thread with 66 posts because it is hard to find through.
Issue #2 is that this thread is very confusing. I was confused shortly after I entered and somewhere Patrick mentioned that it is getting more and more complex. In other words: Obviously there is no clear statement from you about what exactly should be achieved... and now Sense is WG client and server?
Issue #3 is that your answers often contains more or other information than needed. On a question about a traceroute you said "It's slow", without giving the needed information...

This is why this thread is not a pleasure, neither for us nor for you.

Maybe we should start from scratch in this thread and then step by step in your OPNsense config, also started from scratch...

[novel]

Issue #1 is that no one will enter this thread with 66 posts because it is hard to find through.
Issue #2 is that this thread is very confusing. I was confused shortly after I entered and somewhere Patrick mentioned that it is getting more and more complex. In other words: Obviously there is no clear statement from you about what exactly should be achieved... and now Sense is WG client and server?
Issue #3 is that your answers often contains more or other information than needed. On a question about a traceroute you said "It's slow", without giving the needed information...

This is why this thread is not a pleasure, neither for us nor for you.

Maybe we should start from scratch in this thread and then step by step in your OPNsense config, also started from scratch...

I have no problem  to start  a new one question. Do you want to start new question with the same title then all pictures screenshots from setup. Is that enough?

[tiermutter]

You should describe in details what you want to achieve and reset your config regarding routes, WG config + gateway,.... And then we can start from scratch.
Would be the simplest way I think...

[novel]

You should describe in details what you want to achieve and reset your config regarding routes, WG config + gateway,.... And then we can start from scratch.
Would be the simplest way I think...

Could you check my first post? Is it enough? I have to reset wg config then start together a new one?

[tiermutter]

As said via PN, let's start from scratch.

You only want all traffic (from LAN) going through your VPN.
VPN is wireguard connected to your own server (debian) in a VPS.
You removed all your WG and related configs from Sense having only LAN and WAN working, correct?

[tiermutter]

Please also remove you FW rules amd NAT regarding WG.
Please let us also know if IPv6 is configured and ready to use for WAN and LAN if you intend to use v6. Do you? If yes, we will care later about that.

[tiermutter]

Info for posterity: OP started a new thread, beginning from scratch here:
https://forum.opnsense.org/index.php?topic=37211.0

[firewall]

Where can we find your lean-and-mean, just enough, easy configuration How-To, really like to read it.

More than just awful documentation--it's that this is the de facto response to anyone willing to speak up about it.

It's FOSS; we get it. Unless we pony up the cost of support fees (should the option exist as it does here), one should make reasonable expectations for forum response times, access to experts, etc.

With that aside, in what world does it make sense to ask users with problems they can't solve to revise product documentation? Beyond the simple fact they're exceedingly unlikely to develop the software itself, surely those aren't the manner of technical experts you want authoring howto's for the masses? ::)

I'm appreciative of the project and the active forums but FFS the frequency of condescending rhetoric leaves a stain I can't be the first one to note.