equipment:fw4c_opnsense

Differences

This shows you the differences between two versions of the page.

equipment:fw4c_opnsense [2023/11/25 09:18] dirk
equipment:fw4c_opnsense [2023/11/25 09:46] (current) – [Wireguard VPN] dirk
Line 96: Line 96:
     * Save/Apply     * Save/Apply
   * go to Lobby / Dashboard and restart wireguard   * go to Lobby / Dashboard and restart wireguard
-  +=== Create interface === 
 +  go to Interfaces / Assignments 
 +  * in the drop down under new interface, select the WireGuard instance (wg1) 
 +    * Enable: check 
 +    * Description: WG1 
 +    * Save/Apply 
 +  * go to Interfaces / WG1 
 +    * Enable: check 
 +    * Description: WG1 
 +    * Save/Apply 
 +=== Create VPN Firewall rules === 
 +  * go to Firewall / Rules / WAN 
 +  * create new rule by clicking on the "+" 
 +    * Action: Pass 
 +    * Quick: check 
 +    * Interface: WAN 
 +    * Direction: in 
 +    * TCP/IP Version: IPv4 
 +    * Protocol: UDP 
 +    * Source Invert: unchecked 
 +    * Source: any 
 +    * Destination Invert: unchecked 
 +    * Destination: WAN address 
 +    * Destination port range: from (other) 51820 to (other) 51820 
 +    * Description: allow wireguard inbound 
 +    * Save/Apply 
 +  * go to Firewall / Rules / [Name of interface assigned above (WG1)] 
 +  * create new rule by clicking on the "+" 
 +    * Action: Pass 
 +    * Quick: check 
 +    * Interface: WG1 
 +    * Direction: in 
 +    * TCP/IP Version: IPv4 
 +    * Protocol: any 
 +    * Source Invert: unchecked 
 +    * Source [Name of interface assigned above NET (WG1 net)] 
 +    * Destination Invert: unchecked 
 +    * Destination: any 
 +    * Destination port range: any 
 +    * Save/Apply 
 +=== Setup Clients === 
 +  * This will differ based on device... principal is the same. 
 +  * iPhone 
 +    * Download WireGuard from app store 
 +    * create new 
 +      * Name: brimble.com 
 +      * Generate keypair 
 +        * This public key (PEERPUBLIC) will go in VPN / WireGuard / Settings / Peers / Public key box 
 +      * Addresses: This will be whatever you put in the Allowed IPs box of VPN / WireGuard / Settings / Peers (10.23.0.11/32) 
 +      * Listen port: Automatic 
 +      * MTU: Automatic 
 +      * DNS servers: 8.8.8.8, 8.8.4.4 
 +      * click Add peer 
 +      * Public key: MAINPUBLIC this will be in VPN / WireGuard / Settings / Instances / Public key box 
 +      * Preshared key: blank 
 +      * Endpoint: the address and port of your server (brimble.com:51820) 
 +      * Allowed IPs: 0.0.0.0/0 
 +      * Save 
 +  * macbook 
 +    * Downlaod WireGuard from app store 
 +    * create new 
 +      * Name: brimble.com 
 +      * This public key (PEERPUBLIC) will go in VPN / WireGuard / Settings / Peers / Public key box 
 +      * <code>[Interface] 
 +PrivateKey = whatever is there 
 +Address = This will be whatever you put in the Allowed IPs box of VPN / WireGuard / Settings / Peers (10.23.0.11/32) 
 +DNS = 8.8.8.8, 8.8.4.4 
 + 
 +[Peer] 
 +PublicKey = MAINPUBLIC this will be in VPN / WireGuard / Settings / Instances / Public key box 
 +AllowedIPs = 0.0.0.0/0 
 +Endpoint = the address and port of your server (brimble.com:51820) 
 +</code> 
 +  * Save 
 +Link: https://docs.opnsense.org/manual/how-tos/wireguard-client.html
 ==== NAT for online gaming ==== ==== NAT for online gaming ====
   * go to Firewall / Aliases   * go to Firewall / Aliases
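Review bot: The rule added under Firewall / Rules / WG1 passes "Protocol: any" from "WG1 net" to "Destination: any", so every VPN peer can reach every network behind the firewall as well as the firewall's own services. If the peers only need internet egress or a few LAN hosts, narrow the Destination (or put block rules above this one) and state the intended scope on the page. Related: the client settings use "Allowed IPs: 0.0.0.0/0" and both firewall rules are "TCP/IP Version: IPv4", so on a dual-stack client IPv6 traffic is not routed through the tunnel; either add ::/0 together with an IPv6 tunnel address and a matching rule, or note that the tunnel is IPv4-only. Smaller points: "go to Interfaces / Assignments" is missing its "*" and, being indented, will render as a preformatted block in DokuWiki instead of a list item; "Source [Name of interface..." is missing its colon; "Downlaod" and "principal" (should be "principle") are typos; the macbook steps refer to PEERPUBLIC without a step that generates the keypair, unlike the iPhone steps; and the trailing "Link:" line sits outside the list, so a bullet or a short sentence introducing it would read better.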
equipment/fw4c_opnsense.1700925524.txt.gz · Last modified: by dirk