How to Install WireGuard on pfSense (Tutorial)
Вставка
- Опубліковано 30 лип 2024
- This tutorial takes a look at how to Install WireGuard on pfSense. The steps are clearly outlined to help you install the package, configure the tunnel, then the peer, and finally, connect using a WireGuard client.
✅ Written Instructions: www.wundertech.net/how-to-set...
📌 DuckDNS Setup: www.wundertech.net/use-duckdn...
📌 Clouflare DDNS Setup: www.wundertech.net/how-to-set...
🔔 Subscribe for more tech related tutorials and overviews: link.wundertech.net/ssYt
🚀 Product Recommendations: link.wundertech.net/rmYt
❤️ Check out our website: link.wundertech.net/wtYt
DISCLAIMER: The information in this video has been self-taught through years of technical tinkering. While we do our best to provide accurate, useful information, we make no guarantee that our viewers will achieve the same level of success. WunderTech does not assume liability nor responsibility to any person or entity with respect to damage caused directly or indirectly from its content or associated media. Use at your own risk.
WunderTech is a trade name of WunderTech, LLC.
0:00 Intro & Disclaimer
0:18 WireGuard Package Install
1:00 Tunnel Configuration
2:00 Interface Setup
2:58 Firewall Rules
3:48 Peer & Client Setup
11:40 Conclusion - Наука та технологія
I was ready to give up in the face of the difficulty of the task. You lit my path. THANKS!
This is excellent. It's not just a well made video, it's helping people with their security, their privacy, and their businesses. All of which genuinely makes the world a better place. Respect to you and thank you for taking the time to make this.
Thank you so much for the kind words!
Well done. Thanks. Exact, precise and to the point. Best ever wire-guard tutorial for pf-sense.
I appreciate the kind words, thanks so much!
This is an AWESOME tutorial!!! I love the server and client nomenclature, it makes so much more sense. The pace is perfect, very east to follow. I was very confused about where the various keys went, but now I understand. Thank you for taking the time to make this video.
Thanks a lot! Glad it was helpful!
Outstanding video Frank! So we’ll explained and easy to understand. I’ve haven’t used Wireguard, but with this video setting it up will be a breeze. Thanks so much!
Thanks so much, Tony! I really like WireGuard and even though I still run OpenVPN as a backup, I think you'll be very happy with WireGuard. Thanks again for watching and hope you enjoy the rest of the weekend!
I started this tutorial with not much hope but the result is just amazing since it worked immediately.
So far one of the best tutorials on the internet: Concise, to the point, fast paced (well, at my speed x1.4) and most importantly IT WORKS
Subscribed and looking forward for other gems of interest
Glad it helped!
Having the side-by-side with the notepad window and the Wireguard Windows client near the end was very useful, thank you!
Glad that it helped, thank you for watching!
By far the best explanation for setting up wire guard on pfsense.
Best Wireguard tutorial/explanations for pfSense!!
Thank you for your time to put this together!
A side note. If you want your Wireguard peers to access your internal network (LAN) then you don't have to create an interface for WireGuard as there is already a "WireGuard" rule tab created by the package. By default all WireGuard connections will be seen here. If you later start creating several WG tunnels and WG interfaces it gets messy unless you want to isolate the WG tunnels from each other.
Do you have an example of those rules, I see those rules empty on mine i think they called wireguard group on firewall
An outstanding tutorial as usual. Thanks for getting me up and running painlessly!
Thank you! This is an absolutely amazing tutorial. Easy to follow and concepts are well articulated. Worked first time right out the box.
Excellent video. Straight to the point. I was able to get it worked in one attempt. Thanks again for the awesome video!
This is the best explanation of wireguard setup, it can be used for any hardware/device you install wireguard on as it so well explained.
Thank you SO much for this video! Not only was I able to get pfSense all decked out with WireGuard, but I now have it setup on my laptop and my Android phone too.
Glad that it helped, thanks for watching!
Excellent. First video I found that explained it well enough for me to get it working!
Winner, winner, chicken dinner. The first modern and recent tutorial that got me up and running where all of your settings pages matched mine and you explained what goes where. I used an iPhone, but adapted it and it worked. Subscribed because of this. Thanks!
Thanks so much for the kind words - I'm glad that it helped!
Thanks for this. Your instructions are concise and worked great.
Dude! The written instructions are excellent. I was able to fix a botched setup from another video and setup two other devices. Nicely done! Subscribed and thumbs up.
I'm glad that the info helped! Thanks for watching!
Thank You ! This was very useful. Best ever WG split tunnel tutirial
Thank you so incredibly much for this tutorial! It really helped me to understand how to finally set it up.
Thank you!
The only tutorial I can actually follow and get to work! In the interfaces area, make sure MTU and MSS are both set to 1420 Thank you
Great information and thanks so much for the kind words!
I want to create a DMZ at home.
Gonna install pfsense as a "entry point" within the next days.
Was asking myself I could have 2 VPNs: One to reach the red zone and one for the green zone.
Looks like I found exactly what I need.
Great explanation. No blabla - Nicely compressed information on point.
Very good video!
Thanks for the kind words!
You make tutorials nice and easy to follow. 👍
Thank you so much for making this lovely video!!
I stumbled across this video as I was struggling slightly with setting WireGuard up on pfSense. This video was easy to follow, the right speed and the right amount of context to content. Happy to hit you up with a Subscribe as a result. Will watch more of your content. Thanks for the help.
Glad that it helped! Thanks for watching!
Very well made guideline, greatly appreciated!
THANK YOU! THANK YOU!!! Finally I got it to work!!. I tried with openvpn and followed many videos and did not work. Then I figured to try Wireguard and at the 3rd time of configuring I stumbled on your video and you explained the final settings and BAM! I was to connect remotely and use see my home network. Woot!
Glad you got it working!!
Awesome video and description. Was struggling with setting up my Android phone and your description which covered Android solved my problem. Thanks!
Awesome video tutorial, thanks for sharing!!!
My guy, this is amazing! subed! thanks again for this
Great tutorial, thank you.
Well done. Thanks, I've been working on this problem 2 weeks.
Omg this helped me so much. Thank you
Thank you very much, that was helpful :)
I love the pace of this video! Clear, concise and to the point. This is how all instructional videos should be on UA-cam. One thing I can't quite grasp, and that's probably a limitation of my understanding, is why you did a /24 in one case and a /32 in another? Are you deliberately trying to place the remote device outside the local LAN so as to avoid an IP address conflict?
Thanks so much! The locations where we use /24 and /32 match the "general" WireGuard setups on other devices.
/32 means a singular IP address, so wherever that is used, it is that IP address and that IP address only. /24 is for a range (254 total IP addresses), so we use that in locations where there are either multiple IP addresses or where we need to access other IP addresses on that subnet (like in the config file).
Great tutorial sir.
Can't believe how many other videos I tried and failed to get a working Wireguard VPN. Excellent video and naration. Thank you
Excellent! Thank you!
Awesome video. i was able set up the 1st time thru and have a successful connection. Now I have a WG template to set up my peers.
Glad that it helped!
Thanks for sharing, you got a new subscriber ;)
Great video Frank! Everything was explained super clearly. actually, this seems like the "go to" vpn option for me. Bravo for the super incredible explanation!
Thanks so much, Avi! I am a huge fan of WireGuard too - been very happy with the performance and usability!
@@WunderTechTutorials you know, they say that wireguard is the openvpn killer :-)
@@TechMeOut5 Couldn't agree more!
Best tutorial ever! Thank you!
Thank you so much!
Plain and simple the best of best for setting up WG.
Thanks for the kind words!
Thank you for posting this. I had followed Christian McDonalds guide to set up the road warrior configuration, but he didnt go into the split tunnel setup over on the client side. This was a special use case for me as I wanted a persistent VPN connection back to the home in order to watch surveillance camera network at home as well as my 3CX PBX system which I have a 3CX VOIP app on my phone that now connects to my LAN without leaving ports open to the world. Im all set now! Thanks again!
Glad that it helped, thanks so much for watching!
Well if you want want to access wireguard from outside you do need to open a port to the world
This is incredible
Great video! subbed
Thanks so much! Your videos are always incredibly informative and well done!
thank you so much
Thank you very much kind sir, you are my hero! you've made this so easy! Tom has some competition here! keep up the good work! cheers!
Thank you very much for the kind words!
@@shanemanboad2635 You will have to set up different clients with a different IP (for each client that you want to use). From there, they each should be able to access whatever you have on your local network!
Successful tunnel from my phone on the first trial. Thanks
Good video.
All great it worked :D but how do I set it up so the treffic from my android wireguard goes through pfblocker on pfsense? Thanks
A really nice tuorial. Thank you very much! Now my wireguard vpn is working!
I'm trying to set this up as a test, using my Android phone and pfsense box. On the Android side, I don't have many of the options you show in the Windows client app. There are only fields for Name, Private Key, Public Key, Address, Listen port, DNS servers, and MTU. That's it.
When I attempt to connect, my phone warns me that my "network has no internet access", and that "the private DNS server cannot be accessed". What am I missing?
Excellent tutorial. If I want both a split and full tunnel, can I duplicate the configuration and just changed the allowed IPs or do I need to create a secondary peer/tunnel config with its own set of keys?
Yes, you absolutely can!
I had a problem connecting between pfSense and client.
Solved it by adding a rule in pfSense. I had to make a firewall rule on the WAN interface allowing ICMP ping.
Why do you create a new assignment? Just add the IP in the Interface Adresses option when creating the tunnel.
Is there a performance benefit to running Wireguard on my Netgate 1100 as you teach in this video vs using Pivpn to install WG on a dedicated Ras-Pi?
No need to change if you're happy with it!
Hello, thank you for making this video.
One question though, for my setup, I had to setup a static routing, otherwise my client device wouldn't connect to anything on the network behind the pfsense server. I was only able to connect to the LAN address of the pfsense. Once I added a static route, I was then able to ping all the devices on my LAN. Hope this helps if anyone has the same problem.
That's strange - normally pfSense automatically does the routing. Either way, I appreciate you sharing the solution!
I previously had wireguard set up in my 192.168. by hand on a debian VM which worked flawlessly.
No I'm migrating to pfSense but it seems like even though port forwarding is enabled on all devices and my 'pass' rules are open, traffic is not rerouted via the pfSense WAN interface to the WG interface.
Not sure if the gateways need to be reconfigured but they look proper to me....
You shouldn't need port forwarding - only the firewall rule on the WAN interface. If you still have the other device using port forwarding, can you remove it?
Thanks man! Everything is working perfectly. I have only one question - on my pfsense firewall I have set Pihole server as my main DNS server - all of my lan devices use pihole as DNS server - but not devices connected via wireguard. Is it possible that devices conected via WG will use main DNS server of my pfsense (my local PiHole server)
What did you set as the DNS server in the client config? It might be as easy as just using the Pi-hole IP.
Thank you so much! However I used the included WireGuard interface created on the install of the package.
Excellent video. If I have dual WAN setup this configuration apply?
Thanks! There might be a few minor differences (I don't have a dual WAN setup so I can't really confirm), but it should be extremely similar.
Thanks a lot for this tutorial 👍 ... unfortunately, it does not work for me ... tried on pfsense 2.6 and 2.7 ... connection seems established but no traffic at all 😢
I got lost at the Windows client settting. I have a home network and wanting at this point all devices connected to my router pfsense 2.7 to go over NordVPN is wire guard just for remote connection to the router?
Yes, this is different. WireGuard will allow you to connect from external locations outside of your local network, to your local network.
I don't have a video on that specifically, but I did set it up using OpenVPN and NordVPN. There are other videos online that you can find that will walk you through the process!
I'd love to see a client configuration for the GL-Inet routers for wireguard. They're slightly different in that they do not generate their own priv/pub keys during client setup so I really cant figure it out.
I unfortunately don't have one of those routers, but I'll see if I can get my hands on one!
Well done! I'm glad I found your instructions and was able to successfully setup WireGuard. Do you know what the purpose of "WireGuard" under Interface Groups is for? It's also in Firewall Rules next to Floating rules.
Thanks! I'm not sure what the interface group is used for, but I know that the firewall rule section is if you want to create a firewall rule for all WireGuard tunnels (if you have multiple).
That's maybe one of the best tutorials i've ever seen! Thank you very much Frank!
I have 1 question. I know, NordVPN doesn't actualy provide wireguard configs on their website, but as i know, it's possible to ask their support to get manual config (they have 2 WG servers ) Have you tried this option? I'd like to go from openvpn to wg in near future. That kind of tutorial would be awsome!
Thank you so much! Glad that it was helpful! I haven't actually tried NordVPN's WireGuard configuration (didn't even know they had one, but I have used their OpenVPN config files for pfSense). I imagine that it would be extremely similar and you'd have to set the server/peer configuration. Where it might get harder is actually routing that traffic through the WireGuard VPN. I will definitely add it to my list to explore!
Not going to lie, lost hours on the /32 in peer setup only. /24 everywhere else. THANK YOU !
cant get this to work. using iphone 15 pro max. does the Allowed ips need to be within the range on your pfsense configured network? This video makes it seem like it can be literally anything you want. My home network operates in the 192.168.100.x realm. Does that mean i need to choose an ip in that range? instead of 10.200.0.x for instance?
If you follow this tutorial, it has to be in the 10.200 subnet. WireGuard clients will use that subnet, but if you defined something other than 10.200, you'll have to use that. Your local subnet is separate.
Could you create a video instruction for the Mikrotik router with pfSense firewall connection from WireGuard. Thank You.
I'll definitely look into it!
Please please PLEASE let me know if I understand this correctly: does this tutorial show how to set up Router 1 (that’s running pfSense) as a VPN Server using WireGuard, and subsequently shows you how to set up Router 2 as a client that connects to the VPN Server (Router 1) and routes all traffic to it, thereby attaining the IP address and geographic location of Router 1? I’m struggling so much to understand the highly technical jargon. Please help me understand I would appreciate it so much.
No, this tutorial doesn't. It sounds like you might to interested in setting up a site-to-site VPN which this video doesn't cover.
This video helps set up a WireGuard VPN so you can use devices like a phone, laptop, etc when you're outside of your home and connect to all the devices on that home network.
Great video! But I can't believe how incredible complicated this is. In unraid you click three times and it's done.
This video was well done!! Thanks for the time. Works like a charm EXCEPT for when I am at my work (even behind their "guest" WiFi). Any suggestions on how to get around their firewall preventing me form connecting to my WG VPN?
Thanks! There's a chance that they're blocking the WireGuard port. The only way to get around it (assuming it's that) is to use a different port as opposed to UDP 51820. A lot of people use TCP 443 in cases like that.
@@WunderTechTutorials Thanks! What was weeird is that I could start the connection while connected to my phone hotspot and then connect to the hospital guest wifi and the connection was maintained!
Thanks for tutorial but I have a question : when using a split tunnel, my internet connection is not working anymore (no able to nslookup an adress or ping an internet domain). Wireguard DNS setting is the local ip address of DNS server (on the pfsense side). But with a split tunnel internet connection has to be routed through my home internet provider, right ? Any idea ?
If you ping an IP address (8.8.8.8), does it work?
@@WunderTechTutorials In fact, I understand that the DNS settings are use for Lan access and also internet website. When I do a trace route, the internet connection works and go through my personnal internet provider. I was missing one of the pfsense interface (to dns server). Thanks for help.
Should i configure first on my ISP router the port forwarding?,
If you have two routers, yes, you're going to have to do it there as well. Just a heads up though, you sometimes run into issues when you have a setup like that so it might take some trial and error!
This is an excellent tutorial I was able to get it online but i have a question. My pfsense is a cloud based that runs wireguard I just want to know i have a Softphone on my Windows PC with wireguard installed is it possible to route only my softphone traffic on wirereguard? but browsing on the internet will still use my local network
I wish I could say, but I don't have any experience with Softphone. However, depending on if you are using pfSense locally as well, you most likely can. How exactly you'll do it will depend on many factors though.
@@WunderTechTutorials Hi I was able to run and configure the wireguard on my system i noticed I lost VPN if I have 2 or more concurrent connections
@@macky10229 Are you using different client profiles for all of them?
@@WunderTechTutorials Got it to work thanks for your feedback! It was the IP address i got 2 clients that has same IP.. But I do have another question my pfsense wireguard was hosted on a cloud Vultr.. Im concerned that my download and upload speed is bad less than 10Mbps.. I already disbaled the Hardware Checksum Offloading
Hardware TCP Segmentation Offloading but still getting slow results.. Any ideas?
@@macky10229 There are a lot of variables there unfortunately. I'd check the download/upload speed on the local device before connecting and if it's drastically higher, yes, there's a problem. If it's not, it's most likely normal speed loss.
excellent guide, but I have a problem when I create the second peer: that is, I create the first peer for Android, I configure it and everything is ok, then I create the second peer for Windows and from now on the second peer on Windows works correctly while the first peer establishes the connection but not does it allow you to access any resources anymore, why? if after I delete the second peer from pfsense the first one works correctly again
Thanks
Do you have separate peers configured? With separate IP addresses?
Nice video! Can you do a video on haproxy please ?
great video thanks. I have a super dumb question (apologies for how stupid this is): I have everything set up but the handshake is still red
1) endpoint: should I use my public IP address? Or do I need to creare a DDNS first?
2) how do I access my home network in practice (url)? is it the same as the endpoint I configured or something else?
Many thanks!
No dumb questions. If you have a static external IP address, yes, you can use it. However, if it's dynamic (most are), you'll have to set up DDNS.
What exactly do you want to connect to? Once you're able to connect, you should be able to access everything with the internal IP address (as if you were sitting at home).
@@WunderTechTutorials thanks for getting back to me. I suspect that my public address will be dynamic: I was trying to test it to then set up the DDNS.
I am trying to connect to the web gui of my pihole (I am finishing up a NAS, to which I'd aim to connect too).
Just to clarify: if I were to access the pihole GUI, should I simply type the IP address of it with the wireguard agent enabled? Or am I missing something?
Thanks a lot for your help!
@@valeriobianconi4042 That is correct. You would connect to the VPN, then type in the internal IP address and port. That should then push you through to the page (assuming the VPN is working).
Any reason an additional Wireguard interface shows up under Firewall/Rules 3:04 ?
The WireGuard tab is for rules that apply to all WG interfaces.
This might be a silly question (and I realize these videos are a couple of years old). Can you have an OpenVPN, Wireguard, and Tailscale set up on the same pfSense firewall? That way clients who are able to use each type can still connect. I plan on configuring a GL.iNet router with a VPN to my network, and I'm not sure what it uses (but I may also want to configure other devices with Wireguard and/or Tailscale in the future).
Yes, you should be able to. I haven't done it but I can't think of any conflicts in my head.
So I have the tunnel working, and am able to access pfsense at the tunnel address, I am wondering how to use remote desktop with the tunnel?
After connecting to the VPN, you should be able to put the local IP address into the remote desktop window and access it.
Do you have to forward 51820 port on a router to get pass through to pfsense server?
If you have a router in front of pfSense (and you're not using pfSense as your router), then yes. You'll have an additional setup that's not included in the video.
@@WunderTechTutorials Thank you very much, I am appreciated.
I cannot copy the Pre-Shared Key at WireGuard VPN Peer Configuration; the "(Copy)" seems not working. Does anyone have issue with this? Thanks
That's definitely weird. Does it allow you to display it and then copy it?
I got this set up and can connect from my laptop to my home network, but I can't ping or remote desktop into any of the computers on my home network. Please let me know what I need to do to make that happen?
Do you have any firewall rules blocking traffic?
@@WunderTechTutorials I found the problem, on WG_VPN interface I had the static IP set as /32 instead of /24. Changed that and all works now. Thanks so much for this video.
Awesome video. I used this setup for a Wiregaurd VPN connection from my phone to my home, and my mobile laptop to my home. When I connect to my home via the wireguard vpn from my laptop, on the interface statistics widget I get around 20-40 "errors out" per minute. I don't get the same result when connecting via wireguard vpn from my phone, that doesn't give me any "errors out" on the interface statistics widget on the dashboard.
The connection works from my laptop, but I'm not sure why I'm getting these errors. Running the VPN for about a half hour gives me 1000 "errors out." Any idea where I can start to try and fix this?
Any specific error that's associated with it? Or it just says "error"?
@@WunderTechTutorials
If you’re looking at the pfsense dashboard and have the interface statistics widget, under the WireGuard column you’ll see a few sections. Packets in/out, bytes in/out and errors in/out. Under errors out is where I see the number continually increasing while I have my laptop connected.
I found several posts about this issue on the netgate forums and on Reddit, but nobody ever has a fix for it.
Now we just need a tutorial for Steam deck client install.
can you also cover settingup a wireguard client who provide connection details please?
I'll add this to my list!
Would this work through a cloudflared tunnel? I'm just one of the lucky ones that are stuck behind a cgnat!
Not that I know of, but check out TailScale!
I'll check it out. Thanks
Okay, I did everything to the T when it came to this tutorial and I can connect. However I'm unable to access my NAS server.
Is the WG connection working properly? Any NAS firewalls?
@@WunderTechTutorials I'll have to check that out. Another person mentioned port forwarding as a possible solution, so a firewall issue seems like a good culprit. As I said, I can connect and through WG, I am able to change settings through the tunnel. The issue is the server,
Hi great vdeo! I have an issue the tunnel is working perfectly fine but i can't access any device on my lan network i can only browse the internet. Does anyone know how to solve this issue? Maybe an outbound rule issue.
Do you have a LAN firewall rule blocking access? I'd confirm all the firewall rules are configured properly first.
@@WunderTechTutorials i don’t know but i managed and everything is working fine now. Thanks for your reply. Do you plan to do a video about routing all of the network over vpn to hide our ip address?
@@_z_e_l_2391 Glad you got it working. I will add it to my list!
@@WunderTechTutorials thank you ! +1 subscriber
Hello, is it possible to mount a wireguard client in order to connect to a wireguard server ? Thank you.
Yes! You'll have to configure it as a secondary tunnel.
@@WunderTechTutorials can you do a tutorial(video or blog Kind) ?
@@_z_e_l_2391 I'll add it to my list!
@@WunderTechTutorials thanks, I have managed to create the tunnel and it seems running but the latest handshake was 15 hours ago. And I did not managed to route the Traffic via the gateway of thé vpn that I have created. It is like I have no internet. Can you help me maybe ?
@@_z_e_l_2391 If the handshake failed, I'm afraid it didn't work. It's hard to say what it could be, but if you go through and try and initiate the handshake again, maybe you can backtrack your steps.
I think you need to add an outbound NAT rule if you plan to use the full tunnel.
Exactly. Imo this so called guide is not useful at all. It shows no information whatsoever on how to set it up on Android. The android app doesn't have the same options as the windows client. You're better off watching one of Toms guides.
But if you combine the two, now you have some valuable useful info
Can i access my truenas pools/shared folders?
Yes, you'll be able to access anything locally.
where to get that private key at 10:14???
The private key should be generated by the WireGuard client.
Could you use a different port instead of 51820?
Yes, just make sure you use that port anywhere 51820 is referenced.
@@WunderTechTutorials Awesome! Thank you for the quick reply, also would it be too much to request for a video on setting up Linux on the end client side?
I'll add it to my list!
Any idea why my wireguard connection wont get access to my lan?
I would check the firewall rules and AllowedIPs to ensure it has the LAN subnet.
The AllowedIPs should be exactly as you described in the Wireguard app on my phone. For firewall rules I'm not so sure as I'm new to networking/pfSense but here they are:
In LAN rules I have these:
action - pass
interface - lan
address family - IPv4
protocall - any
source - any
destination - any
And i have an identical rule with IPv6
In WG_VPN i have this one:
action - pass
interface - WG_VPN
address family - IPv4
protocall - any
source - any
destination - any
Sorry if this is too much...appreciate your time!
@@WunderTechTutorials
The firewall rules seem like they would be fine, but it's hard to say with the limited knowledge on your setup. There's a lot you can do, but it might be best to check the logs and see if you can isolate what is/isn't wrong. The AllowedIPs/Firewall is a common issue so if yours is good, it's got to be something else.
After applying your firewall rules, I think I just lost access to my pfsense.. I can't ping it, I can't access the web-ui to add the peer. Weird. I guess I have to go back to factory defaults and setup again. 😒
There aren't any LAN firewall rules created in this tutorial, so I'm not sure how you lost LAN access.
@@WunderTechTutorials there's no LAN for me, so I messed up sth.. I have only WAN (goes to my router and outside) and Wireguard.. I wanna use it as a VPN to connect home. That's how I had it in the past, but lost the configuration after an issue.
@@Delijohn If you don't have a LAN, what exactly are you trying to access? Are the devices on another interface?
@@WunderTechTutorials I fixed the access actually.. now the .conf profile I created is not working.. :)
@@WunderTechTutorials my pfsense is on my local network. Just wan port, which goes directly to router.
Now Wireguard, will be a VPN server for the outside people. So I can connect from my mobile and laptop from anywhere to my local network. I don't care about access for the lan. I just want to get my pfsense's external IP. So if my pfsense is in Austria and my mobile (and me) in Australia, I wanna use my mobile with my Austrian external ip. That's what Wireguard will do for me. That's how I had it in the past.
Thank you for this tutorial! I've found that my tunnels stop handshaking after several days of this working successfully... does anyone experience this?
It could be killing the connection. You can play around with the keep-alive settings to keep the connection alive.
@@WunderTechTutorials Ah I had wondered what this setting was all about - could very well be the solution, thanks!