WireGuard Interface no available on 'Interfaces' selection

magoo_it

Hi to all,
I'm trying to install Wireguard on my PF 2.5.2, but the tunnel interface doesn't show up on the interface selection after creating the tunnel config, and so, I cannot activate the tunnel.

I'm running OpenVPN on the same server, and what I want is to test if running WireGuard would be a better solution.

A quick search on the web only points to 'setup' scenarios so I'm questioning it here.

Thanks in advance.
JG

mooncaptain

@jasggpfsense
I had this problem when I was setting up WireGuard a few days ago. At some point I must have turned off/stopped the WireGuard service because when I turned it back on I was able to see the tunnel in the Interface setup.

dma_pf

@jasggpfsense said in WireGuard Interface no available on 'Interfaces' selection:

the tunnel interface doesn't show up on the interface selection after creating the tunnel config,

If all you did was create a tunnel in the Wireguard package then there will not be a dedicated interface for it and all of the firewall rules for it would be handled in the Firewall/Rules/Wireguard tab.

If you want a dedicated interface for the tunnel then you have to manually create the interface (Interfaces/Assignments) and it's routing (System/Routing/Gateways).

magoo_it

@dma_pf
Thank your for your reply.

Yes, all I did was in fact create the tunnel, as instructed by the Netgate Documentation.
But, several 'how tos' say that I must assign an interface to the tunnel, and that's the step I cannot do.
Since the tunnel interface does not appear on the selection drop-down to be selected.

JG

mooncaptain

@jasggpfsense
OK - can't help with that. However there is a way to setup a single user peer without setting up an interface. Here's a good tutorial on video by the person who is managing WireGuard for the pfsense team. It is definitely worth the time. pfSense WireGuard Package - Project Report 010 - C. McDonald
Use the timestamps in the message below the video to jump to the Nat rules section that deals with an additional step if you don't have an Interface defined. The whole video is worth a look for WireGuard beginners.

Also did you check to be sure that the tunnel you defined was turned on. Check the status.

dma_pf

@jasggpfsense

@mooncaptain is correct. You can certainly set up Wireguard without an interface. But depending on your use it may be better to have an interface. If that is your case use the instructions in pfSense WireGuard Guide Series 001 - Mullvad Failover in the same video series as provided by @mooncaptain .

Either of those will give you a guide to getting things moving along. If you run into issues just post back here and you'll get help.

magoo_it

@mooncaptain and @dma_pf

Thank you !!
After reading your previous reply, ( and after having removed the WireGuard package, with the option not to save the previous configurations ). I reinstalled the package, and the first thing I did was, as mentioned by @mooncaptain, I went to the 'Settings' tab on the package, and enable it. I tried to do that on the previous attempt but was unable to do that.
After doing that, I created the tunnel and checked to see if it appears on the selection on the interface, and this time it did !.
I must have done something right when removing the package, without any previous settings.
BTW, I didn't reboot the FW, as I have an offsite backup running that cannot be interrupted at this time.
So this time I can select and assign the interface!
Thank for the video, I'm going to watch it before I continue with this setup.
I'll update this after that finishes.
Thanks again.
JG