@lcbbcl Yeah this just a bug where it was backwards. Fixed in 0.1.1

@theonemcdonald Your question tickled the appropriate neuron. I had the wrong server ip address. Once corrected, access to the local subnet was established but no internet. I then went over to firewall outbound nat and noted that there were automatic rules for openvpn and ipsec but not for wireguard. I switched mode to hybrid, entered and saved the new rule and now have access to the internet. Thanks for your help. Ted Quade

@vajonam Thanks so much for the advice! I was thinking it would be a lot more complex than that :-) This particular firewall has clients only, the other firewall forwards the OVPN port to its server with no problems. Another lesson learned, with my appreciation! Cheers, Chuck

@ofloo said in WireGuard Removed from pfSense CE and pfSense Plus Software: Also FreeBSD didn't release it, Netgate did. It was pulled from the 13 release. To quote you: it should never have been in the release in the first place! And I already said: I'm with you that it was rushed into the release (and was quite a surprise in the announcement) and was there too early. Full ack there. But I don't only hope Netgate will learn from that but also FreeBSD itself. That wasn't a stellar performance for all participants ;)

Europe is moving away from american software in any regard. That is the trend here in Scandinavia.

OK ... thanks

@ryanm You are not seeing some sites because Wireguard requires MSS clamping. Set the MSS to 1380 and it should solve your problem. It's covered at the end of this page: https://github.com/FingerlessGlov3s/OPNsensePIAWireguard Also, depending on the CPU, you can get up to 700Mbit/sec with Wireguard-go

Addon : Just found out that netgate pulled the plug on wireguard, I don't know anything about the kernel's code, but this might be one of the reason they pulled the plug, something is unoptimized in the kernel code and does not work as intended. Thank you for reading.

Given this announcement, I've paused my project and am reassessing things. Likely switching back to my previous Linux vm wireguard gateway setup I had going on. Definitely recommend not proceeding with using my app to config wg on pfsense.

@quasides just a future warning, as we can see we basically define a static routing table on wireguard level. that also means any change in topology has to be manually updated on each and every client. automated updated of routing tables like with OSFP dont work, WG has still no implementation for that and while OSFP could change routers (pfsense) it would be overwritten or at least meaningless as WG is gonna override it and or at least use it internally based on manual config edit: i do understand the confusion tough. not only is WG concept with like no pushiung config a very wierd one, but the naming of the parameter allowed IP is beyond stupid. just translate it to something sane like "remote network" which what it basically means

@rcmcdonald91 it's a fast-paced world...

@yodaphone I'd like to know this answer too. I have been having trouble getting wiregaurd to pass any traffic for a for a single remote peer. Unfortunately, this nat rule did not resolve the problem.

@jimp Perfect! Thanks for the reply. I just wanted to share this and I am pretty sure all will be fixed with 2.5.1 when it will come out. Thanks again!

@matosc i had the same thing while messing with Wireguard the first week after the 21.02 release. i found i had deleted the keys required for the connection so the connection, never connected. not sure if there is a timeout period on boot up for this to connect or not! hopefully someone more knowledgeable can fill us in

@hypnosis4u2nv said in WireGuard VPN providers that support pfsense: I have Torguard up and running. And i can confirm that it works with their dedicated (streaming) IP's.

@jimp I used the button to generate one.