@brookheather said in WireGuard Package documentation:

Then you need to assign this interface a static IPv4 address range (your peers will be using an IP within this range).

I registered just to post here. This was it. This fixed my WireGuard issue. I could get connections and handshakes to the tunnel, but I couldn't get LAN or WAN access.

I do not remember if I had the configured in 2.5.1 or not, but since the change to 2.5.2 I couldn't get the WG tunnel to pass traffic. I didn't even need to create a gateway for the tunnel as mentioned above.

Adding the IP address fixed it all. Thank you!

@dma_pf

Alright... I figured out my issue. I never added allowable IP's to 0.0.0.0 /0.
That problem is fixed but I still cannot get my lan traffic or my openvpn tunnel client to use those tunnels for internet. Road block after road block. I guess if this was easy everyone would do it.

@digitalcomposer outstanding. Glad things are working as expected. Enjoy!

@_igor_ Sorry it didn't work out - it definitely does on Windows...

@departy No, still same issue.

@propercactus with how stable Wireguard and pfsense has been, I'll stick with it and if what I saw in the bug report is right (if I interpreted it right) I'm just going to stick with Wireguard. Its at most a minor inconvenience if I have to login on the off chance I have a crash or have to reboot my system.

Hmm... Solved by changing the Wireguard subnet from a 172.x.x.x range to a 10.x.x.x range. The machine in question is a VM running docker alone and pretty sure it has some strange firewall rules in place regarding 172 subnets. Docker is just weird.

Thanks to Tigger2014 on github, I dicovered some how a directory for the package was a file on my system. After renaming the file, I was able to successfully install the package. Issue resolve on my end. Thank you!

@theonemcdonald I too have been trying to get a road warrior WG setup on 2.5.2. and also would love a simple config guide or video on the road warrior setup.

So far I am hoping to be able to piece together what is needed to get a basic config up and working with from your mulvad video and also from the screenshots you posted in another thread.

https://forum.netgate.com/topic/163133/wireguard-lives/66

I am subscribed to your YouTube channel and do thank you for all the work you have done for the community at large it is beyond awesome. :-)

@johnpoz said in I am lost....:

As to ease of setup - I thought, maybe I mistaken but at some point there is/was suppose to be a QR code you could just point your phone at to set it up? If that was true than yeah it would be slick ;)

The Android app had this capability but pfsense does not yet seem to generate these codes, at least not through the GUI. I tried downloading the config and importing this but this did not work. This was in the early tries when I did not understand what I was doing. Maybe it would work now.

I gave it a go and I feel like I'm nearly set up - but I'm still not able to get my remote peer connected to the tunnel... I reckon I've got a simple config mistake I'm missing.

Feel free to see my post on the other topic you posted!

@jimbohello yup I've switched to IPsec I can't lose connectivity to the stuff behind the tunnel for any given reboot.

@botboy This is in a remote access setup that works perfectly, except for the constant errors on the Interfaces widget...

Happy to provide more details if needed.

Thanks for the heads up, however I already set it up this morning.

@gabacho4 I imagine things have been delayed a bit due to final work on 2.5.2 base. Things will improve here a lot in the next week or so, stay tuned

@floky99 This forum is only for discussion relating to WireGuard on pfSense. I'd recommend posting here https://www.reddit.com/r/WireGuard/

@theonemcdonald Sorted. Cheers man :)