Selective Routing with Wireguard and Unbound

Started by not_the_messiah, August 11, 2024, 05:52:47 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 11, 2024, 05:52:47 PM
Hi Everybody,

Not sure if this is the right section to post in, so apologies in advance!

I've followed this guide in a bid to setup VLANs and selective routing over WG VPN: https://schnerring.net/blog/opnsense-baseline-guide-with-vpn-guest-and-vlan-support

However, I am not able to get the routing through Unbound for the VLANs I wish this applied to. From what I've read, the issue lies with this step: https://schnerring.net/blog/opnsense-baseline-guide-with-vpn-guest-and-vlan-support/#add-static-ipv4-configuration-to-the-wireguard-interfaces - when I attempt this, Opnsense returns the following error
QuoteCannot assign an IP configuration type to a tunnel interface

I understand has been an issue for quite some time.

Is there a solution/alternative approach to this?

Everything else I have configured following this guide is working as expected.

Any help would be very much appreciated!
August 13, 2024, 11:10:09 PM #1
There has to be a solution out there somewhere - I'm certain my requirements are not that exotic, are they?!

All I wish to do is:

  • Have multiple VLANs/Interfaces
  • Some Interfaces route via the WG VPN, other, WAN
  • Some Interfaces use Unbound (using WG Interface) for DNS, some use DNSMasq

Anyone?
August 14, 2024, 11:23:56 AM #2
Some sections of that guide are out of date. Check out this comment at the bottom of the guide page. It should help.

https://schnerring.net/blog/opnsense-baseline-guide-with-vpn-guest-and-vlan-support/#remark42__comment-fc205823-ba86-422b-991f-cdd8542dc465

Not sure what else will break in this guide with the 24.7 release.
August 14, 2024, 12:34:12 PM #3
i am not sure why you would follow the unbound part.
Mullvad has used dns hijacking for years.  so if the tunnel and interfaces are created properly it forces the tunnel to use their DNS.     

i have never subscribed to their service for wireguard but did use openvpn for a year or so. 

it sounds like a configuration issue.    have you tried watching Christian McDonalds videos on youtube?

i have 2 tunnels with 2 different providers that works perfectly fine using wireguard
Print
Go Up Pages1
User actions