![]() This is all very experimental and not officially supported in any way, and not for the faint of heart. (I cannot stress enough that you should heed all the warnings about how using the command line or installing outside packages can possibly break your system. If you're using pfSense 2.4.5 like I am, you can use these commands on the command line interface, or the Command Prompt page on the web interface: pkg add I'm now using wireguard-0319_2 and Perhaps this page would be helpful to you? Assuming you haven't downloaded anything yet, you can use the command pkg add to download and install a package from a URL - no need to unpack anything. During the upgrade process pfSense-pkg-wireguard was removed, and after reboot I had to remove the old wireguard and wireguard-go packages before adding the new ones. If you need more help configuring WireGuard itself, I can recommend this unofficial documentation, especially the examples.Īll right, I upgraded to 2.4.5 and so far I'm not seeing any issues. Typically for mobile clients you also want to set AllowedIPs to 0.0.0.0/0,::/0 so that the interface can route all traffic over the tunnel. Looking at the config you posted, I think the interface address on your Android client needs to be a single address, not a range (e.g. Once you have the interface set up, you can then forward the VPN's port ( 51000 in your case) to your interface's IP and assign firewall rules to it like any other interface. Don't touch any other interface settings. On the Interface Assignments page, create a new interface for tunwg0 and enable it. When I get time I will also add a README to the repository.įor a simple setup, you shouldn't need to create an interface group or configure a PostUp command. ![]() Status My bad, I should have explained this more - I have updated my initial post to include some instructions. Once the interface is up you can configure firewall rules for it and generally treat it the same as a physical interface. Name it, enable it, and don't touch any other settings. Once you have them set up, go to the Assign Interfaces screen and create a new interface for tunwg0. The package supports configuring one interface and any number of peers. I am using wireguard-0227_3 and wireguard-go-1222 in my current setup. You will need to download the appropriate builds for your version of pfSense, or build them, and then manually install them before installing this package. This package depends on the wireguard and wireguard-go ports for FreeBSD. Source and release is here: Bug reports and PRs welcome. Please note that both WireGuard and this package are still very experimental. I've been running it on my router for about a week without any issues, so I figured I'd share. I wanted to try out WireGuard on my new pfSense router, and in the process I decided to make a package for it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |