wireguard

Hi all! Is it possible to load the wg-interface configuration through a setting in rc.conf without using the devd hook? On FreeBSD v.14 my wireguard service run under that config: # cat /boot/loader.conf | grep wg if_wg_load="YES" # # cat /etc/rc.conf | grep wg cloned_interfaces="wg"...

Mostly, I don't have a problem with tweaking the sudoers file and tried to read the manual carefully. But the Wireguard thing (and, I suspect, OpenVPN would've behaved much the same way) apparently involves spawning some other processes, which somehow, sudo doesn't cover. I change my VPN...

Hello, I want to change my firewall (FW) because it's not a freebsd machine. The freebsd machine will become my new firewall. The version is "13.2-RELEASE-p8 FreeBSD 13.2-RELEASE-p8 GENERIC amd64 I want to create a Wireguard VPN tunnel between my new firewall and the outside, but only for...

Everything was alright on 13.2 release, then I did binary upgrade to 14.0 release. Now I have to run service wireguard restart after each reboot to have the internet connection work. More details further down: I use x86_64 FreeBSD router, my setup is deviates from the usual in two ways: I have...

I started playing with wireguard on a pfsense router to try to see if I could overcome a CG Nat on a hotspot I want to use when visiting my mother a couple hours from home. I stay in an RV when up there and have a couple of options for internet (cellular and local wifi) that I now connect to...

I'm missing something obvious. Why NAT doesn't work in a Wireguard server to route clients' traffic? ext_if="vtnet0" wg_clients="10.40.0.0/24" nat on $ext_if inet from $wg_clients to any -> ($ext_if) The server's Wireguard IP address is 10.40.0.1, the client's - 10.40.0.30. Running tcpdump on...

Colleagues, tell me why I can't route another subnet through the wireguard? I have two computers, one is a router and the other is a client. The router has an interface with the address 172.16.0.1/24 and a wireguard interface with the address 10.20.0.1/24. The client has an interface with the...

Hello everyone, Over the last year and a half I have learned a lot about IPv6, but unfortunately I am limited by my available ISPs (only dynamic IPv6 prefixes or prohibitively expensive business contracts). So I was thinking about getting my own ASN and renting a PI /48 IPv6 prefix so I can use...

Hello, I tried for a quite some time to get it working, but unsuccessful so far. I hope to get some pointers here that will help me to learn more about FreeBSD, wireguard and networking, also the content might be helpful for others browsing the web for solutions. Note that I am very new to...

Preface I'm posting this in the Networking forum, though it could possibly be more valid in the Firewall forum. Moderators please move if required. Executive Summary I'm having an issue with very poor performance in one particular direction through a Wireguard tunnel between two FreeBSD 13.1...

Hi mates! During the boot my FreeBSD box start PF earlier than wg0 interface creates. Enabling pfno IP address found for wg0:network /etc/pf.conf:5: could not parse host specification pfctl: Syntax error in config file: pf rules not loaded /etc/rc: WARNING: Unable to load /etc/pf.conf. . [#]...

I'm trying to get NAT working in my basement. NAT is running fine on my gateway, but this is another situation. In this post, I'm trying to mix in enough detail without overloading. EDIT: I did get the NAT working. In the end, I did not use it. I have a 10.55.0.0/24 network in the basement...

I run FreeBSD 13.1 RELEASE on my RPi 3 Model B+. I want to set up Wireguard client on it, so I have installed wireguard from pkg. To run the client, I use wg-quick up /path/to/config. The command gives out no errors, I can access local hosts, but I cannot access the Internet. I believe this is a...

After upgrade to 13.1-RELEASE from 13.0-RELEASE-p11 at raspberry pi 3b+ wireguard kernel module or routing after wg interface is coming up doing strange thing. it defines route to wireguard server's ip address via ip address bound to wg interface, that is really strange. Removing wireguard...

Hi, I'm having issues with running wireguard in an iocage jail on FreeBSD 13.0-RELEASE-p10. The weird thing is, I also had issues with this on my TrueNAS Core system (12.2-RELEASE-p15), but after enabling the allow_tun option for the jail it now runs just fine there. Here's some config data...

Hi, i have site to site Wireguard vpn both client and server have static port first connection with this configuration successfully initiates. But when PPPOE connection gone (default route also removing from route table) and reestablished wireguard server never connect anymore with client port...

https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/ This article is kind of negative, but I don't know what to make of it. The title says it's about FreeBSD, but it's really focused on something related to Wireguard for criticisms of...

I have successfully set up a jail following genneko's notes on setting up a jail in FreeBSD. However after installing and enabling Wireguard every single boot time, my jail has no network. I modified genneko's jails into making one jail by the way. Here's how my set up is looking at the moment...

Hi all, Since 2018 I have a FreeBSD server acting as a WireGuard "server". This server has an IPv6 tunnel, courtesy of Hurricane Electric (https://tunnelbroker.net) and I have successfully distributed those IPv6 addresses to the VPN peers, so they now live in the future. Every single one of...

Hello! I would like to ask, how can I install wireguard on my FreeBSD machine? Yea I know this sounds pretty bad, but I'm a noob and just started with FreeBSD. I found a tutorial on the official wireguard webpage (https://www.wireguard.com/quickstart/), but still don't know how. There was a...