OPNsense Wireguard: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(→WAN) |
|||
| Zeile 118: | Zeile 118: | ||
| Destination Port (to) || any | | Destination Port (to) || any | ||
|} | |} | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
=generate the qrcode= | =generate the qrcode= | ||
Version vom 18. Februar 2026, 13:43 Uhr
Konfiguration
- VPN
- WireGuard
- Settings => General
- WireGuard
| Bereich | Einstellung | Wert |
|---|---|---|
| VPN → WireGuard → Settings | Enable WireGuard | aktiviert |
| VPN → WireGuard → Settings | Status | Enabled |
| VPN → WireGuard → Settings | Aktion | Apply |
WireGuard Instance – WG
- VPN
- WireGuard
- Settings
- Instances
- +
- Instances
- Settings
- WireGuard
| Parameter | Wert |
|---|---|
| Enabled | Ja |
| Name | WG |
| Instance | 0 |
| Public key | DaPF7JvnRYpNuXiFgo4Uqu/Yq9dmz0Gu8mijd4h... |
| Private key | gDvRj18foAvOVGTvZR6ca2ewRQBstGlg/I5cdPUA... |
| Listen port | 55555 |
| Tunnel address | 172.30.32.1/24 |
| Depend on (CARP) | None |
| Peers | |
| Disable routes | Nein |
| Debug log | Nein |
Interfaces
- Assignments
| Feld | Wert |
|---|---|
| Device | wg1 (WireGuard - WG) |
| Description | WG |
| Aktion | Add |
Firewall
WAN
- Rules
- WAN
- +
- WAN
| Parameter | Wert |
|---|---|
| Action | Pass |
| Disabled | Nein |
| Quick | Ja |
| Interface | WAN |
| Direction | in |
| TCP/IP Version | IPv4 |
| Protocol | UDP |
| Source | any |
| Destination | This Firewall |
| Destination Port (from) | 55555 |
| Destination Port (to) | 55555 |
| Log | Nein |
WireGuard (Group)
- Rules
- WireGuard (Group)
- +
- WireGuard (Group)
| Parameter | Wert |
|---|---|
| Action | Pass |
| Disabled | Nein |
| Quick | Ja |
| Interface | WireGuard (Group) |
| Direction | in |
| TCP/IP Version | IPv4 |
| Protocol | any |
| Source | any |
| Destination | any |
| Destination Port (from) | any |
| Destination Port (to) | any |
generate the qrcode
- qrencode -t utf8 < client1.conf
Peer Generator
- VPN
- Wireguard:
- Peer Generator
- Wireguard:
WireGuard Peer – client01
| Parameter | Wert |
|---|---|
| Instance | WG |
| Endpoint | opnsense.it213.xinmen.de:55555 |
| Name | client01 |
| Public key | 85X0PniiIqGxXLqrXwFsGy36uMFaVicvq+0uCFe3X... |
| Private key | APmUQ0ys0PcHfU0x4aTm+66fs0Z4iYSWOE7hLASPRG8= |
| Address | 172.30.32.4/32 |
| Pre-shared key | rppkqNldvezugnZaVNclK4XDPBvZPg+O1dSJVU6VG8= |
| Allowed IPs | 0.0.0.0/0, ::/0 |
| Keepalive interval | 10 |
| DNS Servers | - |
| Store and generate next | Ja |
| Enable WireGuard | Ja |
Die Konfiguration
[Interface] PrivateKey = APmUQ0ys0PcHfU0x4aTm+66fs0Z4iYSWOE7hLASPRG8= Address = 172.30.32.4/32 [Peer] PublicKey = DaPF7JvnRYpNuXiFgo4Uqu/Yq9dmz0Gu8mijd4h622E= PresharedKey = rppkqNldvezugnZaVNclK4XDPBvZPg+O1dSJVU6VG8= Endpoint = opnsense.it213.xinmen.de:55555 AllowedIPs = 0.0.0.0/0, ::/0 PersistentKeepalive = 10
Wireguard start
- sudo wg-quick up wg0
Wireguard stop
- sudo wg-quick down wg0
Wireguard show
- sudo wg show