Purpose of WireGuard tab and WG0 ?
-
So can someone smart explain how can WireGuard tab and WG0 tab be used in the FW rules ?
I have allow all connections in WG0 and no rules in WireGuard and all seems working fine.
What is a use case for WireGuard rules ?
Thx
-
The same as OpenVPN tab and assigned OpenVPN interfaces.
The group tab can be used to have rules cover multiple interfaces or when you don't have WireGuard interfaces assigned at all.
If you have WireGuard interfaces assigned it's better to put the rules on the assigned interface tab(s), but some people prefer to put blanket rules on the group tab to allow things so they don't have to manage them individually.
-
@chudak Wireguard rules are applied first and are applied to all Wireguard traffic whether through an interface or not. WGX rules are applied to that only interface and enable "reply-to". https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/rules.html
-