No video
OPNSense - WireGuard Road Warrior Setup
Рет қаралды 7,424
Күн бұрынThe video will assist you in setting up Wireguard on OPNSense, ensuring that the configuration process is both straightforward and secure. Following the steps outlined in this guide, you can be confident that your VPN solution is appropriately configured to maximize security while minimizing complexity.
#opnsense #wireguard #vpn
➡️ Step-by-Step Instruction: bit.ly/3TIMHX7
➡️ Should you find this tutorial helpful, we kindly request that you consider supporting our channel by subscribing to our KZbin channel or using the affiliated links and URL shortener links provided below. Through your purchase using any of the given links, we will receive a small commission, which we will use to expand our channel and enhance our services. We appreciate your support, and we remain committed to providing you with quality content. Full disclaimer: sysadmin102.co....
➡️ sysadmin102.co...
🌐 Website: sysadmin102.com/
✉️ Business Inquiry: service@sysadmin102.com
© SYSADMIN102™ LLC
0:00 Intro
0:34 Step 1: Skip this step. os-wireguard has been integrated to core.
1:15 Step 2: Configure the Wireguard Instance
3:40 Step 3: Configure the WireGuard client
7:40 Step 4: Configure the Peer
9:13 Step 5: Turn on/restart WireGuard
9:49 Step 6: Assign an interface to WireGuard (required if not setting NAT rules)
11:05 Step 7: Create firewall rules
13:53 Step 8: Create normalization rules
@sysadmin102 4 ай бұрын
os-wireguard has been integrated to core. You can skip the plugin installation step.
@bilinz 2 ай бұрын
Your videos finally helped me setup my wireguard after countless tries using other guides and I appreciate the update with the new peer generator! Keep it up!!
@sysadmin102 2 ай бұрын
Glad I could help
@olsenlid 7 ай бұрын
Thanks for the video. Quick tip: Keep the zoom-in, zoom-out to a minimum. Makes it really difficult to see which page you're on when skipping back and forth to catch up/rewind when doing it on your own computer.
@sysadmin102 7 ай бұрын
Thanks for the feedback!
@tice2229 2 ай бұрын
Dude! Thanks! 🙏🏼 I always get confused with setting up wg. This was amazing.
@sysadmin102 2 ай бұрын
Any time!
@TangDynasty1983 3 ай бұрын
Under Step 6 Interface Assignment, why wouldn't you set up an subnet and gateway (like 10.3.2.1/32) under IPv4 section? And under Step 2, why wouldn't you use 10.3.2.1/24 instead under tunnel ling address? you used 10.3.2.0/24. Why didn't you create a DHCPv4 under "Services" to hand out IPs for the wireguard subnet? Thanks a lot!
@sysadmin102 3 ай бұрын
/32 (or subnet mask of 255.255.255.255) refers to a single host (gateway in this case). 10.3.2.1 - 10.3.2.254 are useable IPs within 10.3.2.0/24 subnet address. Wireguard doesn't support DHCP, at least at the time this tutorial was recorded.
@zyghom 7 ай бұрын
I tried like million times to set WG server on my OPNsense. All failed miserably. So now I have WG but behind firewall. I will give ... one more try as I see that in your tutorial there are few other things. I shall let you know if I am a good student (and your good teacher). ;)
@sysadmin102 7 ай бұрын
Most people missed firewall rules/NAT rules or create interface to skip settings NAT rules
@zyghom 7 ай бұрын
@@sysadmin102 BLOODY HELLLLLL!!!!!! WORKING LIKE A CHARM FROM FIRST TRY!!! Believe me, I tried many "gurus" here on YT - you are the first one I succeeded ;-) Thanks so much!
@sysadmin102 7 ай бұрын
Your welcome!
@StanyCarteny 5 ай бұрын
Great work!!!! perfect my friend!!!
@anhtaionline123 5 ай бұрын
Do you even have to use the Port Forwarding feature in order to open the port if you don't have a static public IP address ? Mine's not working if missing that step even thought I'd used the DDNS on my setting. And will the clients also get access to the internet besides internal resources ? On the other hand, great work, the whole video was very carefully made and edited.
@sysadmin102 5 ай бұрын
The rules added allowing WAN connection to reach the VPN Server through the default port. DDNS is only to keep your public IP updated. Yes, if you follow my setup, the client will have access to internet as well.
@stevefxp 7 ай бұрын
Thank you...can you do a Wireguard S2S video on OPNsense?
@sysadmin102 7 ай бұрын
I’m currently busy with other projects, but it’s on the list.
@Felix-ve9hs 7 ай бұрын
2:11 I like to avoid this completely by using IPv6 ULA addresses with a random /48 prefix :)
@sysadmin102 7 ай бұрын
Whatever works for you, my friend. I only give the general guidance, the choice is always your.
@emanbuoy4218 4 ай бұрын
can you please make a video on how to set up wireguard to route all internet traffic via pia vpn on opnsense pls
@sysadmin102 4 ай бұрын
I will at a near future as I do not use PIA VPN.
@emanbuoy4218 4 ай бұрын
@sysadmin102 thank you, if it mullard vpn .. that works too..
@starfoxBR77 7 ай бұрын
Thank you. Last week I cold set ZeroTier working perfectly. Am I missing anything by not using wire guard?
@sysadmin102 7 ай бұрын
Never use ZeroTier before, so I can’t tell if you’re missing anything
@starfoxBR77 7 ай бұрын
@@sysadmin102 Thanks!
@zyghom 7 ай бұрын
yes, privacy, ZeroTier uses closed source controlled and not in your possession right? ;)
@starfoxBR77 7 ай бұрын
@@zyghom Ohhhh. Okok. That's a good point. I will reconsider Wireguard then! Shame that de Android app is so basic and no intuitive. Tks
@zyghom 7 ай бұрын
@@starfoxBR77 for WG you mean? true, but, you just make the config file (like the author of this video nicely showed), send it to the phone, import it and... voila. There is actually NOTHING to thinker there - ON or OFF ;-)
@grxkas5552 5 ай бұрын
wireguard is not a thing anymore? i cant find the plugin
@sysadmin102 5 ай бұрын
They removed it from time to time. Wireguard is still experimental on OPNSENSE.
@grxkas5552 5 ай бұрын
@@sysadmin102for those who dont have a DDNS is it still doable? i wnet over your vid 50 times i still dont find the answer
@sysadmin102 5 ай бұрын
It’s doable if you have static IP, if you don’t then DDNS is required. It’s only $10/years or you can use some free DDNS, just you won’t get the name you wanted.
@grxkas5552 5 ай бұрын
I do have a static IP I have 1 server in an data center with 30 static IPS and 1 server at home I wanna make an VPN tunnel so the server at home with dynamic IP uses the IPS from the data center for hosting but I fail to find a way to do it :(
@sysadmin102 5 ай бұрын
@@grxkas5552 then you can replace the DDNS with static IP anywhere I mentioned DDNS. A DDNS only used to update your IP for routing due to DHCP can assign a different IP address over time.
@MountainJack28 7 ай бұрын
Need a home setup....
@sysadmin102 7 ай бұрын
Meaning?
@MountainJack28 7 ай бұрын
@@sysadmin102 opnsense / vpn setup for whole home network.
@sysadmin102 6 ай бұрын
Unless you paid for a dedicated IP. It's annoying to get blocked from many site with the shared VPN IP.
@randydevone6686 5 ай бұрын
Bro I appreciate you trying to help but you speak to slow and chopped up. Work on trying to be cleared when speaking. English may not be your first language but you are hard to listen to. Just constructive criticism. Peace
@sysadmin102 5 ай бұрын
Appreciate the feedback.
@Gaming-Overlord 5 ай бұрын
I understood every word.... Ignorant
@AminAlSharif 2 ай бұрын
@@Gaming-Overlord The language is clear and understandable. But his voice is low. Need a better mic for sure
@tice2229 2 ай бұрын
Definitely had no issues with the language. It’s easy to understand.
@cihatovalioglu9861 2 ай бұрын
I get this error message and the Wireguard does not work. (OPNsense 24.1.6-amd64) wireguard /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: The command `/sbin/ifconfig 'bridge0' addm 'wg0'' failed to execute
@sysadmin102 2 ай бұрын
Upgrade to 24.1.7 and see if that fix the issue.
@cihatovalioglu9861 2 ай бұрын
@@sysadmin102 24.1.7_4 Many thanks for the info, The tunnel is in place, but I can't ping anywhere. ping general error !!!! there is still a worm in there somewhere wireguard instance WG (wg0) started /usr/local/opnsense/scripts/Wireguard/wg-service-control.php: ROUTING: entering configure using 'opt3'
@DawidKellerman 4 ай бұрын
Hey add you sysadmin102 logo to the dashboard!
@sysadmin102 4 ай бұрын
Why?
@DawidKellerman 4 ай бұрын
@@sysadmin102 Soits there as branding during any of your videos
ТВ3 - сериалы и шоу
Рет қаралды 2,6 МЛН
Dave's Garage
Рет қаралды 618 М.
Digital Mirror
Рет қаралды 18 М.
Jim's Garage
Рет қаралды 59 М.