Log for connection attempts?
-
Is there anywhere apart from the status tab in the webgui that I can see info about connection attempts?
I am the sole user of wireguard on my pfsense and to keep track of what's going on I have my log server send an alert email whenever pfsense lets traffic pass. Until now I have only received alerts when I connect myself, but the other day I got an alert when I was not trying to connect, and saw that traffic from another country had been let through pfsense according to the 'pass traffic to wireguard' rule.
Wireguard status tab showed that the latest handshake was with me several hours prior to this alert/traffic.
I am thinking everything is in order. Some bot tried the port in question and pfsense passed the traffic to wireguard and since I see no handshake info, I suppose wireguard rejected the attempt or the attempt was not even capable of interacting with wireguard.
-
But is there any way I can verify that is what happened?
-
And if you think I am wrong in my assumption above, please correct me.
-
-
Your WAN IP is reachable by who ever you want.
Like your front door.
But you need the 'key' from that moment.
You have a key.But they :
@pastic said in Log for connection attempts?:
traffic from another country had been let through pfsense according to the 'pass traffic to wireguard' rule.
do not have the key.
