- WireGuard Site2Site VPN Guide
· Setting up a site-to-site VPN with WireGuard is pretty easy provided you have some basic WireGuard and IP routing knowledge. The scope of this guide is to provide sample configurations with additional explanations. You still have to use your brain and think about which setup suits you best. This guide also focuses only on the current generation IP protocol, IPv6. Legacy IPv4 addressing works exactly the same. This guide is also platform agnostic.
- WireGuard on OPNsense: wg0 is not a WireGuard interface
· My WireGuard on OPNsense 22.1 suddenly stopped working out of nowhere and would not restart:
root@firewall:~ # /usr/local/etc/rc.d/wireguard restart
wg-quick: ‘wg0’ is not a WireGuard interface
wg-quick: ‘wg0’ already exists
Checking the wg0 interface via ifconfig told me that was a lie:
root@firewall:~ # ifconfig wg0
wg0: flags=8002<BROADCAST,MULTICAST> metric 0 mtu 1420
groups: tun wireguard
A hanging interface is thankfully not new to me. I’ve dealt with many of them before when I was still using OpenVPN.
- OPNsense: Prefer source address
· Note: This post is about IPv6 addresses. I assume it works with legacy IP, too (untested).
Problem: Before switching to a modem I had configured a static WAN address. I chose that address to be also used as WireGuard endpoint address. WireGuard has one major problem: You can’t configure the address it’s listening on. It relies on the underlying operating system to fill in the source address. And this can cause problems on a machine with multiple interfaces and addresses like an OPNsense firewall as you will see now.
- WireGuard: "Error: Unknown device type" on Archlinux
· Do you also have the following problem after installing wireguard-tools and wireguard-arch?
[root@test ~]# ip link add dev wg0 type wireguard
Error: Unknown device type.
No, you didn’t do anything wrong! Yes, that’s the right way to install WireGuard on Arch! So why isn’t it working? The fix is pretty simple: Update your fucking system!
[root@test ~]# pacman -Syu
:: Synchronizing package databases...
 core is up to date
 extra is up to date
 community is up to date
:: Starting full system upgrade.