Wireguard VPN

[Patrick M. Hausen]

Adding a peer is in my experience completely painless. Comfigure the peer in the peer's UI, e.g. WG for Mac OS, copy and paste public key into OPNsense peer settings, done. I never used this peer generator thing.

[Kinerg]

Doing it manually is probably the best option.

Ps: Is Open VPN setup a less painful process? Any guides? I have a very simple setup as you have seen from the images, all I want is to have VPN access to the local network and connect to the internet as well once VPN is established.

I had no previous experience with WireGuard before setting it up in OPNsense and have managed to set up both S2S and Road Warrior links without much issue. It's not the most intuitive process in some cases, but it shouldn't be too much of a problem. You're probably 90% there and just missing some crucial step.

I would delete the current WG config and follow this guide: https://homenetworkguy.com/how-to/configure-wireguard-opnsense/

[leony]

Thanks I will figure out somehow to do trial and errors. Hopefully will get there.

Finally can you please advise if adding peer in attached way is correct? I won't use the peer generator. I am a bit confused particularly with Public Key and Allowed IPs (Peer Generator and manual adding seem to be a bit different to me)
 

[Kinerg]

Edit Peer:

Public key - you can use the one from the generator but just copy&paste it manually
Allowed IPs - 10.10.10.4/32 (peer address)

Endpoint Address - leave empty (set on the client/peer instance, not in OPNsense)
Endpoint port - leave empty (set on the client/peer instance, not in OPNsense)
Keepalive - leave empty (set on the client/peer instance, not in OPNsense)