Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Purpose of WireGuard tab and WG0 ?

    Scheduled Pinned Locked Moved
    WireGuard
    3
    4
    489
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • chudakC
      chudak
      last edited by chudak

      So can someone smart explain how can WireGuard tab and WG0 tab be used in the FW rules ?

      I have allow all connections in WG0 and no rules in WireGuard and all seems working fine.

      What is a use case for WireGuard rules ?

      Thx

      D 1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        The same as OpenVPN tab and assigned OpenVPN interfaces.

        The group tab can be used to have rules cover multiple interfaces or when you don't have WireGuard interfaces assigned at all.

        If you have WireGuard interfaces assigned it's better to put the rules on the assigned interface tab(s), but some people prefer to put blanket rules on the group tab to allow things so they don't have to manage them individually.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • D
          dma_pf @chudak
          last edited by

          @chudak Wireguard rules are applied first and are applied to all Wireguard traffic whether through an interface or not. WGX rules are applied to that only interface and enable "reply-to". https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/rules.html

          chudakC 1 Reply Last reply Reply Quote 0
          • chudakC
            chudak @dma_pf
            last edited by

            @dma_pf @jimp

            Interesting... Thx

            I never assigned an interface to OpenVPN.

            Is it incorrect ? When would you vs won't you assign it ?

            1 Reply Last reply Reply Quote 0
            • First post
              Last post