Netgate Discussion Forum

    Wireguard Interface Firewall Rules

      MrRichardNaxon

      Hello,

      Not having an easy time finding details on this.

      Any guides for setting up Wireguard basically just have you edit the default allow all out rule for utilizing the Wireguard gateway.

      When you do that, are you technically saying: "Allow anything from the subnets behind that interface to go to anywhere on the other side of the Wireguard gateway."?

      For instance, a lot of people think that "WAN Subnets" is the internet, but it's apparently anything other than the modem attached to the other side by ethernet, hence applying that as a rule doesn't apply to the overall internet and you use all instead. So, I guess what I'm saying is that the Wireguard gateway is not equivalent to the WAN address or WAN subnets, but then you have the Wireguard interface and the Wireguard VLAN Interfaces in firewall rules and apparently "Wireguard Networks" is "undefined" as an error if I use it for a rule.

      I'm assuming the Wireguard interface is a cumulative of any Wireguard virtual interfaces and then the "Wireguard Networks" refers to it?

      Can someone shed some light on this, maybe with an example of what exactly "Wireguard Networks" and the VLAN are referring to? My apologies if the question(s) aren't clearly stated, it's late.
