Trying to run wireguard and openvpn at the same time on opnsense 24.1

[ivarh]

I have a 3 instance wireguard setup that is using /dev/run{0,1,2} and they are working fine

I am trying to set up an openvpn server in addition to these, but it seems to allocate /dev/tun1 to use as the tunnel device.

The error logged is: Cannot open TUN/TAP dev /dev/tun1: Device busy (errno=16)

I see no way I can override the tun device selected.

Does anyone know how to resolve this?

[ivarh]

I was able to resolve the issue by editing the confif.xml file to change <vpnid>1</vpnid> to <vpnid>3</vpnid>
under the section labelled
<openvpn>
     <openvpn-server>

I think there might be a bug in opnsense if you mix Wireguard and OpenVPN on the same firewall

[franco]

On 24.1 wireguard interfaces can no longer be TUN interfaces since wireguard-go is gone so these do not interfere with OpenVPN at all.


Cheers,
Franco

[tiermutter]

I think there might be a bug in opnsense if you mix Wireguard and OpenVPN on the same firewall

Running two OVPN and two WG instances on the same device I have no issues... not with 24.1 nor with any other version :)

[franco]

It used to be a bit problematic between wireguard-go and openvpn both opening tun devices which have a unique numbering but openvpn and wireguard GUI parts didn't know so they thought they both "own" the same instance.

But wireguard-kmod was ok and is ok :)


Cheers,
Franco

[ivarh]

Just upgraded to 24.1 and now wireguard no longer uses a tun device. However I now have a item in my plugin list that I cant delete that says: os-wireguard-go (missing)   N/A   N/A   N/A   N/A   N/A.

Is there a way to remove this expired entry from the plugin list?

[franco]

System: Firmware: Status: Resolve plugin conflicts -> Reset all local conflicts.


Cheers,
Franco

[ivarh]

Thanks, I found it under:
Settings -> Firmware -> Status

Thanks again all for the help.

Regards,
Ivarh

[franco]

Yep, sorry, typed from (bad) memory.


Cheers,
Franco