Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense SelfHosted acting as Wireguard VPN Server

    WireGuard
    2
    3
    964
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      joshhboss
      last edited by

      So lately i have been hosting wireguard servers (ubuntu) on digital ocean and the VPNs have been working pretty good.. Going from site A in miami vpn'd to a ubuntu server. and site B also in miami connecting to ubuntu server running wireguard and they can connect to each other no problem. I just tried launching a cloud instance but this time using Pfsense instead of Ubuntu and i was able to get the connections to work but when i ping from Site A local network to Site B local network i get these responses
      Posting Topology and then the errors below.. just to add the routers i am using are ubiquiti edge routers. but they are configured in the same way as when i use the ubuntu servers so i think the issue is somewhere in PFsense.

      Wireguard Image.png

      joshhboss@Joshuas-MacBook-Air ~ % ping 10.7.1.252
PING 10.7.1.252 (10.7.1.252): 56 data bytes
92 bytes from 10.111.222.1: Redirect Host(New addr: 10.7.1.252)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 ef54   0 0000  3f  01 97de 10.111.222.4  10.7.1.252 

64 bytes from 10.7.1.252: icmp_seq=0 ttl=62 time=111.662 ms
92 bytes from 10.111.222.1: Redirect Host(New addr: 10.7.1.252)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 17e9   0 0000  3f  01 6f4a 10.111.222.4  10.7.1.252 

64 bytes from 10.7.1.252: icmp_seq=1 ttl=62 time=111.659 ms
92 bytes from 10.111.222.1: Redirect Host(New addr: 10.7.1.252)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 9a4e   0 0000  3f  01 ece4 10.111.222.4  10.7.1.252 

64 bytes from 10.7.1.252: icmp_seq=2 ttl=62 time=107.242 ms
92 bytes from 10.111.222.1: Redirect Host(New addr: 10.7.1.252)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 4ff8   0 0000  3f  01 373b 10.111.222.4  10.7.1.252 

64 bytes from 10.7.1.252: icmp_seq=3 ttl=62 time=118.693 ms
92 bytes from 10.111.222.1: Redirect Host(New addr: 10.7.1.252)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 aa79   0 0000  3f  01 dcb9 10.111.222.4  10.7.1.252 

64 bytes from 10.7.1.252: icmp_seq=4 ttl=62 time=116.592 ms
''
      1 Reply Last reply Reply Quote 0
      • J
        joshhboss
        last edited by joshhboss

        @joshhboss said in Pfsense SelfHosted acting as Wireguard VPN Server:

        Redirect Host(New addr:

        i went here..
        System->Advanced > System Tunables tab and changed net.inet.ip.redirect to the value of 0.. and the redirects went away.

        Could this cause problems?

        luckman212L 1 Reply Last reply Reply Quote 0
        • luckman212L
          luckman212 LAYER 8 @joshhboss
          last edited by

          @joshhboss I hit this same issue today. I found https://redmine.pfsense.org/issues/11494 and the system tunable you used is mentioned there as well.

          I hope for a proper fix at some point but this seems harmless enough.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post