Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WireGuard multiple fail over and dynamic routing

    Scheduled Pinned Locked Moved WireGuard
    7 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      Ofloo
      last edited by

      • how do I do dynamic routing with wireguard network interfaces without allow rules.

      https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/routing.html

      Tried it, does not work. (ffr bgp)

      Also, .. I kinda want 2 interfaces on one pfsense box with failover. This doesn't work unless I setup NAT but NAT is setup on the outer routers.

      router1 --- router3
   |       |
router2 ---'

      This works with openvpn with ipsec why not with wireguard. Previously I was able to set this up back when it wasn't a module. Why is this so hard now!

      luckman212L 1 Reply Last reply Reply Quote 0
      • luckman212L
        luckman212 LAYER 8 @Ofloo
        last edited by

        @ofloo Did you get anywhere with this? I'm about to dive into FRR + Wireguard. Was hoping not to be the first man into the cave.

        O 1 Reply Last reply Reply Quote 0
        • O
          Ofloo @luckman212
          last edited by Ofloo

          @luckman212 solved my problem not sure what i did though. Don't remember. I'll try and remember and post once I do.

          EDIT:

          I was supposed to create a tunnel interface for each tunnel.

          luckman212L 1 Reply Last reply Reply Quote 0
          • luckman212L
            luckman212 LAYER 8 @Ofloo
            last edited by

            @ofloo How's this working for you these days?

            1 Reply Last reply Reply Quote 0
            • O
              Ofloo
              last edited by Ofloo

              Works fine.

              luckman212L 1 Reply Last reply Reply Quote 0
              • luckman212L
                luckman212 LAYER 8 @Ofloo
                last edited by

                @ofloo Good to know. Would love to see some sanitized screenshots of your BGP/FRR settings and related WG peers

                O 1 Reply Last reply Reply Quote 0
                • O
                  Ofloo @luckman212
                  last edited by Ofloo

                  @luckman212 it's the same as a non bgp peer.

                  setup bgp router options

                  306a917e-13c2-44c5-8a5a-8cfada76f504-afbeelding.png
                  4f5593a5-9d1c-408b-a111-e3ff89537a9f-afbeelding.png

                  neighbour (target system)
                  3b7f143a-26aa-4a7d-a80b-b84b9f133790-afbeelding.png

                  d72ded88-c449-4839-8cd0-86b5dcd303d9-afbeelding.png

                  You need to setup frr

                  b943ce1a-0a31-4ebc-a4ac-6cd092f300c9-afbeelding.png

                  565fac11-b6dd-4103-8f12-0e12cd5a75ef-afbeelding.png

                  That's the allow all on the bgp

                  And setup ofcourse interface and firewall rules

                  1 Reply Last reply Reply Quote 1
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.