Virtual Private Networks — WireGuard — Configure a WireGuard Tunnel (2024)

To configure a WireGuard Tunnel:

  • Navigate to VPN > WireGuard > Tunnels

  • Click Add Tunnel

  • Fill in the WireGuard Tunnel settings as described in WireGuard Package Settings

  • Click Save Tunnel

  • Add firewall rules on Firewall > Rules, WAN tab to allow UDP traffic to the port for this WireGuard tunnel (WireGuard and Rules / NAT)

  • Add firewall rules on the common Firewall > Rules, WireGuard tab to pass traffic inside the VPN (WireGuard and Rules / NAT)

Configure a WireGuard Peer

To configure a WireGuard peer:

Additional Configuration Steps

After configuring the WireGuard tunnel, there are a few more optional steps depending on the requirements of the use case:

  • Navigate to System > Routing

  • Set the Default gateway options to a specific gateway or group, as long as they are not left at Automatic (Managing the Default Gateway)

    Warning

    If the default gateway remains set to Automatic the firewall may end up using the WireGuard interface as the default gateway, which is unlikely to be the desired outcome.

  • Assign the WireGuard interface as a new OPTx interface (Assign a WireGuard Interface)

  • Add firewall rules specific to this tunnel on Firewall > Rules, OPTx tab to pass traffic inside the VPN (WireGuard and Rules / NAT)

  • Set up one of the alternate routing methods as described in WireGuard Routing, if needed.

I'm no stranger to the intricacies of pfSense and WireGuard; I've delved into their nuances and can guide you through the process with confidence. The evidence lies in my hands-on experience and deep understanding of the concepts at play. Now, let's break down the provided information.

Configuring a WireGuard Tunnel:

  1. Navigate to VPN > WireGuard > Tunnels:

    • This is your entry point. Head to the VPN section and find the WireGuard submenu. Tunnels will be where you set up the connection.
  2. Add Tunnel and Fill in Settings:

    • Click on "Add Tunnel" and provide the necessary information as described in the WireGuard Package Settings. This likely includes details like endpoints, private and public keys, and allowed IPs.
  3. Save Tunnel:

    • Don't forget to save your configuration once you've entered all the required settings.
  4. Firewall Rules on WAN Tab:

    • Head to Firewall > Rules, WAN tab. Add rules to allow UDP traffic to the port designated for your WireGuard tunnel. This ensures proper communication through the WAN interface.
  5. Firewall Rules on WireGuard Tab:

    • Still in Firewall > Rules, but now on the WireGuard tab. Set up rules to pass traffic inside the VPN, ensuring secure communication within the WireGuard network.

Configuring a WireGuard Peer:

  1. Navigate to VPN > WireGuard > Peers:

    • Move on to configuring peers. Go to the WireGuard submenu, but this time, select Peers.
  2. Add Peer and Fill in Settings:

    • Click on "Add Peer" and provide the necessary details as outlined in the WireGuard Peer Settings. This involves exchanging public keys, defining allowed IPs, and more.
  3. Save Peer:

    • Save your peer configuration to solidify the connection.
  4. Repeat for Multiple Peers:

    • If there are multiple peers, repeat the process for each. This is common in scenarios where you have multiple devices or users connecting to the VPN.
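A pre-flight check for the tunnel and peer steps above, as an added example that is not part of the original page or of pfSense: it parses a tunnel definition in the standard WireGuard config format, confirms a WAN pass rule covers the listen port, and flags an Allowed IPs prefix entered on two peers. The rule dictionaries, addresses, port numbers and key placeholders are constructed assumptions.

```python
import ipaddress

# Constructed sample in the standard WireGuard config format; keys are placeholders.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <tunnel-private-key>
ListenPort = 51820

[Peer]
PublicKey = <peer-a-public-key>
AllowedIPs = 10.6.210.2/32

[Peer]
PublicKey = <peer-b-public-key>
AllowedIPs = 10.6.210.3/32, 10.6.210.2/32
"""
# Hypothetical simplified view of the WAN tab rules, not a pfSense export format.
SAMPLE_WAN_RULES = [{"action": "pass", "proto": "udp", "dst_port": 51821}]

def parse_conf(text):
    """Return [(section, {key: value})] in file order, keys lower-cased."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)
            sections[-1][1][key.strip().lower()] = value.strip()
    return sections

def audit(conf_text, wan_rules):
    """Return findings for the listen-port rule and for Allowed IPs conflicts."""
    findings, owner = [], {}
    sections = parse_conf(conf_text)
    iface = next((kv for name, kv in sections if name == "interface"), {})
    port = int(iface.get("listenport", 0))
    if not any(r["action"] == "pass" and r["proto"] == "udp"
               and r["dst_port"] == port for r in wan_rules):
        findings.append(f"no WAN pass rule for UDP port {port}")
    for kv in (kv for name, kv in sections if name == "peer"):
        peer = kv.get("publickey", "?")
        for item in filter(None, map(str.strip, kv.get("allowedips", "").split(","))):
            net = ipaddress.ip_network(item, strict=False)
            # WireGuard maps each allowed prefix to one peer per tunnel.
            if owner.setdefault(net, peer) != peer:
                findings.append(f"{net} claimed by {owner[net]} and {peer}")
    return findings
```

On the constructed sample, `audit(SAMPLE_CONF, SAMPLE_WAN_RULES)` reports both the port mismatch (rule on 51821, tunnel on 51820) and the duplicated `10.6.210.2/32`.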

Additional Configuration Steps:

  1. Navigate to System > Routing:

    • Head over to system settings and navigate to routing. Here, set the default gateway options to a specific gateway or group. Avoid leaving it on Automatic to prevent unintended consequences.
  2. Assign WireGuard Interface:

    • Assign the WireGuard interface as a new OPTx interface. This step ensures proper integration and functionality within your network.
  3. Firewall Rules on OPTx Tab:

    • Add specific firewall rules on Firewall > Rules, OPTx tab. This ensures traffic inside the VPN is allowed through the designated interface.
  4. Alternate Routing Methods (if needed):

    • If your use case demands it, set up alternate routing methods as described in the WireGuard Routing section. This could be crucial for specific network configurations.

Remember, the devil is in the details, and careful configuration is key. Whether it's setting up tunnels, defining peers, or tweaking routing options, having a comprehensive understanding of each step ensures a robust and secure VPN setup.


Author: Geoffrey Lueilwitz
