![]() Any connection into WG (WireGuard) to be allowed anywhere (any).Likewise for this rule - it is pretty easy to follow. This is so my browsing both at home and afar can benefit from the Pi-hole. At this point, we need to create another Firewall rule that determines what can be visited.įor me, I want my VPN remotely to be able to connect to anything local as well as anything on the public Internet. So now we've basically setup the routing to allow a foreign connection (provided it authorizes) to connect to our WireGuard interface. The source being anything to arrive at the "WAN address".Inbound connections (IPv4 or IPv6) is allowed under UDP to port 51820.This rule is pretty easy to understand just basically says: Next I needed to open something up on the firewall itself to allow inbound connections to WireGuard server itself. So now I just needed to edit that interface to disable the configuration of IPs on it knowing that configuration would occur as Wireguard tunneled to my existing LAN. Automatic alias generation for the tunnel.OPNsense Interfaces: AssignmentsĪt first I created an interface for WireGuard, this just made things easier for a few reasons: I was quickly learning the true advanced settings for configuring interfaces and routing traffic properly. I had some strange issues that like only the first device setup in my WireGuard worked, or when I enabled Wireguard all my non-VPN devices lost Internet. Now from someone moving from purely ISP consumer based software - this was a bit to learn. Now I started following this official OPNsense tutorial on setting up WireGuard and it worked fairly well, but knowing my setup had a few differences left me to figure it out myself. All wired up and configured properly through OPNsense.Pi-hole to route all traffic over the network or VPN.A VPN you can use anywhere that supports WireGuard to connect back home.After a few more weeks - its all been perfected and I want to walk through supporting a few things: ![]() OPNsense - WireGuard - List ConfigurationsĪ few months ago I finished a mini home-lab build out to support some new cool technology in my network. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |