Topic: Wireguard not working (Read 336 times)
PotatoCarl
Wireguard not working « on: September 01, 2024, 10:34:27 am »
Hi
I am trying to set up WireGuard as an alternate VPN to the existing and running VPN. However, even if I religiously follow the instructions in the documentation, I get an immediate connect (well, both Linux and Android claim to have connected), but nothing is accessible. I do not see anything from the inside network, nor the outside network.
Protocol is set to "debugging" but does not even show entries (no new entries when somebody tries to connect, I mean):
2024-09-01T10:21:54 Notice wireguard wireguard instance RoadWarrior (wg0) started
2024-09-01T10:21:54 Notice wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: plugins_configure monitor (execute task : dpinger_configure_do(,WireGuard))
2024-09-01T10:21:54 Notice wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: plugins_configure monitor (,WireGuard)
2024-09-01T10:21:54 Error wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: not a valid opt4 interface gateway address: 'missing'
2024-09-01T10:21:54 Notice wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt4'
I have no idea where to set the "gateway address" as I have set it under "Peers" with the correct IP of the outside address. However, the address is tested either to be the external IP to the internet (which is the IP of a router forwarding everything to the firewall) OR the IP of the firewall. Both do not make any difference.
I really do not understand what the problem is or how to debug it. There is literally no traffic via the wireguard interface.
Thank you for your help.
mifi42
Re: Wireguard not working « Reply #1 on: September 01, 2024, 11:35:30 am »
If you can access a shell on the firewall host, there is a command to look at the status of wireguard, latest handshake, addresses allowed, etc.:
Code:
wg show
I have my firewall rules in the WireguardGroup "interface" to allow traffic to and from the tunnel.
Also, I used
Code:
tcpdump -i wg0
to look at the traffic flowing in and out of the tunnel.
Both commands can be done at either end of the tunnel.
I hope the extra information helps to find the problem.
Cheers,
Michiel
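An added example (not part of the posts above and not OPNsense's own tooling): a shell function that reads the machine-readable form of the status command, `wg show wg0 dump`, and separates peers that never completed a handshake from peers whose tunnel is up, which is the distinction that matters when a client reports "connected" but no traffic flows. The function names, the 180-second staleness threshold and the sample data are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify each peer from `wg show <ifname> dump` output.
# Peer lines are tab-separated:
#   public-key  preshared-key  endpoint  allowed-ips  latest-handshake  rx  tx  keepalive
# The first line describes the interface itself and is skipped.

# wg_triage NOW [STALE_SECS]: reads a dump on stdin, prints one verdict per peer.
# NOW is an epoch timestamp; STALE_SECS defaults to 180 (assumed threshold).
wg_triage() {
    awk -F '\t' -v now="$1" -v stale="${2:-180}" '
    NR == 1 || NF < 8 { next }          # interface line or malformed line
    {
        hs  = $5 + 0                    # epoch of last handshake, 0 = never
        age = (hs == 0) ? "never" : ((now - hs) "s")
        if (hs == 0)                    # nothing valid ever arrived from this peer:
            verdict = "NO_HANDSHAKE"    #   check UDP reachability of the listen port, keys
        else if (now - hs > stale)      # tunnel was up once, peer has gone quiet
            verdict = "STALE_HANDSHAKE"
        else if ($4 == "(none)")        # handshake works but no address is routed to it
            verdict = "NO_ALLOWED_IPS"
        else                            # crypto is fine: look at allowed-ips, routes and
            verdict = "HANDSHAKE_OK"    #   firewall rules on the WireGuard interface
        printf "%s %s age=%s allowed=%s\n", substr($1, 1, 8), verdict, age, $4
    }'
}

# Constructed sample dump (keys, addresses and timestamps are made up).
sample_dump() {
    printf 'IFACEPRIVconstructed=\tIFACEPUBconstructed=\t51820\toff\n'
    printf 'PEERAAAAconstructed=\t(none)\t(none)\t10.10.10.2/32\t0\t0\t0\toff\n'
    printf 'PEERBBBBconstructed=\t(none)\t198.51.100.7:40000\t10.10.10.3/32\t1725179000\t9000\t7000\toff\n'
    printf 'PEERCCCCconstructed=\t(none)\t198.51.100.9:51000\t10.10.10.4/32\t1725179940\t52000\t48000\t25\n'
}

# Offline run against the sample, with a fixed "now" so the output is stable.
sample_dump | wg_triage 1725180000

# On the firewall itself (needs root):
#   wg show wg0 dump | wg_triage "$(date +%s)"
```

A peer stuck at NO_HANDSHAKE while the client shows "connected" means the firewall has never received a valid handshake from it, so `tcpdump -i wg0` will stay empty as well and the place to look is the path to the listen port, not the tunnel interface.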