Author Topic: Wireguard Gateway (Read 928 times)

Vin2 · « **on:** July 31, 2024, 11:43:48 am »

Hello everybody,

I try to configure a Wireguard Gateway to route my networks through the tunnel to ProtonVPN.

I configured my Firewall as described in the wiki
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

Yet unfortunaetly there is no internet access through that route

The only thing that looks fishy to me is the lack of "UP" in the Wireguard Status for the peer

Can anybody help to troubleshoot this?

Regards

doktornotor · « **Reply #1 on:** July 31, 2024, 11:55:48 am »

Look at the logs and post them.

Vin2 · « **Reply #2 on:** July 31, 2024, 12:03:24 pm »

attached

doktornotor · « **Reply #3 on:** July 31, 2024, 12:14:24 pm »

Well, I meant the wireguard logs...

DEC670airp414user · « **Reply #4 on:** July 31, 2024, 12:15:45 pm »

screen shot 2.

delete the top rule (or disable it)
for the IP 4 Lan.net rule. why not change the gateway to protonvpn? reset states and see if it actually works?

then fine tune your alias's / certain computers you want to go out the tunnel

Vin2 · « **Reply #5 on:** July 31, 2024, 12:40:42 pm »

Picture 1 - Wireguard Logs

Picture 2 - Tried changing the Gateway to ProtonVPN, didnt work

DEC670airp414user · « **Reply #6 on:** July 31, 2024, 01:42:11 pm »

interface area doesn't appear to be completed all the way.

have you clicked advanced mode top left? then for DNS put their DNS server and IP address for the gateway address in your configuration file

depending on if you are using ISC or Kea. you will need to add the dns server

Vin2 · « **Reply #7 on:** July 31, 2024, 02:51:29 pm »

interface is setup as described in the wiki here

dns is also setup accordingly in the instance, do you think here lays the problem?
I already tried to use 1.1.1.1, or 10.2.0.1 (privided from protonvpn as DNS)=>didnt work as well

DEC670airp414user · « **Reply #8 on:** July 31, 2024, 03:41:52 pm »

I've never created the gateway manually... I would delete yours and click save> and go to interfaces > the proton WG interface and at the very bottom click Dynamic gateway policy

also on that page I put in MTU of 1320 or up to 1380 and save..

go back to system / gateway / config and see if it shows online. if not open it. click save and see if it comes online for you.

kozistan · « **Reply #9 on:** July 31, 2024, 04:35:53 pm »

i have 27 proton wan's for production network, one of my client wanted to filter activity on those interfaces. It was year ago or so and same, i was not able to get it work with WG.
Also spoke with proton support and the answer was that wireguard gateways is't the way. I made with openvpn and it's working till now.

DEC670airp414user · « **Reply #10 on:** July 31, 2024, 04:41:47 pm »

I don’t pay for proton currently but have two other “providers” where the setup is fairly straightforward and just works

Author Topic: Wireguard Gateway (Read 928 times)

Vin2

Wireguard Gateway

doktornotor

Re: Wireguard Gateway

Vin2

Re: Wireguard Gateway

doktornotor

Re: Wireguard Gateway

DEC670airp414user

Re: Wireguard Gateway

Vin2

Re: Wireguard Gateway

DEC670airp414user

Re: Wireguard Gateway

Vin2

Re: Wireguard Gateway

DEC670airp414user

Re: Wireguard Gateway

kozistan

Re: Wireguard Gateway

DEC670airp414user

Re: Wireguard Gateway