1. Home
  2. pfSense Packages
  3. WireGuard
Log in to post
Load new posts
  • M

    Second peer not passing traffic

    20
    0 Votes
    20 Posts
    3k Views
    stephenw10S

    Yes. With multiple peers you need to set Allowed-IPs to determine which peer WG routes to.
    https://www.wireguard.com/#cryptokey-routing

    But to avoid confusion 'Endpoint' is a WG term the defines the external IP.

    Steve

  • B

    Invalid interface listen port

    17
    0 Votes
    17 Posts
    2k Views
    S

    Hello!

    I am testing on :

    2.5.0-DEVELOPMENT (amd64)
    built on Mon Jan 25 09:13:15 EST 2021
    FreeBSD 12.2-STABLE

    Using Firefox 84.0.1 (64-bit)

    I dont see any form field validation happening and the code in wg_validate_post and wg_validate_peer will let you enter just about anything you want.

    I made a redmine issue with some stopgap code that might help. https://redmine.pfsense.org/issues/11311

    John

  • F

    what speeds can you get with WG on a SG-3100

    4
    0 Votes
    4 Posts
    3k Views
    viktor_gV

    @griffo said in [what speeds can you get with WG on a

    On my old Celeron based test router, I always hit a limit of ~110mbits on OpenVPN. So far i've gotten up to 200mbit by switching to Wireguard.

    see https://redmine.pfsense.org/issues/10311

  • G

    Removing WG interface breaks firewall

    4
    1 Votes
    4 Posts
    800 Views
    G

    @stephenw10 said in Removing WG interface breaks firewall:

    Are you able to reproduce that?

    What you are seeing there is that the two WireGuard interfaces are still assigned and enabled in the config but do not exist yet in the firewall.
    However those should not be checked at that point since the interfaces are created after that in the boot. A commit went in to correct that a few days ago:
    https://github.com/pfsense/pfsense/commit/e564dbd64cc818bd5e751dbeaef8b00f1c0f9ed7

    The current snapshot should not hit it.

    Steve

    Thanks. On recent builds i have not been able to replicate it. I believe the above resolved the issue.

  • M

    If a psk is specified on a peer, it puts the psk in the keepalive field

    4
    0 Votes
    4 Posts
    768 Views
    stephenw10S

    https://redmine.pfsense.org/issues/11288

  • JeGrJ

    WireGuard peer status in dark theme

    2
    0 Votes
    2 Posts
    597 Views
    stephenw10S

    Mmm, yeah that's tough on the eyes!

    https://redmine.pfsense.org/issues/11287

    Steve

  • B

    Documentation - default port

    5
    1 Votes
    5 Posts
    961 Views
    jimpJ

    Those haven't been written yet, some things are still in flux because development is ongoing and we're waiting on a couple more pieces to fall into place yet. Soon!

  • S

    Unable to create a peer

    4
    0 Votes
    4 Posts
    804 Views
    dennis_sD

    @skplus This looks to be the same thing our engineers were seeing in testing. The description here isn't the exact same, but the root cause is believed to be the same. This should be fixed in the latest snap.

  • P

    Wireguard is not under VPN tab

    3
    0 Votes
    3 Posts
    921 Views
    P

    @chpalmer Oh I picked bad time to look at documentation. I wasn't sure if I need to do something on my end.

    Thank you very much, I'll keep an eye on update.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.