wireguard conf

rshad muhammad · Monday at 11:51 AM

hi,
would anyone share or show me how to configure wireguard using configuration files from vpn providers. in my case, its proton vpn.
i have tried few configurations, but seemed unsuccessful.
Thankx in advanced

xsouku04 · Monday at 5:55 PM

If you install wireguard-tools package, the usage of wg-quick is the same as on Linux, unless there is bug on wg-quick on FreeBSD and it does not work as intended.

hruodr · Monday at 6:15 PM

Download wireguard-tools package, download config files from proton, then use:

wg-quick up /full/path/to/config/file
wg-quick down /full/path/to/config/file

Where /full/path/to/config/file is downloaded from:

Proton

Our encrypted services let you control who has access to your emails, plans, files, and online activity. Free plans are available.

account.proton.me

Select file for Linux.

rshad muhammad · Tuesday at 3:43 AM

Thanks for the reply.
I'm connected to wireguard, I think so. Still I'm unable to connect to the net using those commands.
I'm using the gateway of my wlan0: 10.96.247.28, but my resolvconf is the gateway of the wg0

Code:

wg show
interface: pjs-CH-SG-2
  public key: 5kqPLgPavs/GmFUnTupuV4hW5ERSzX7AptaB7nMwhUQ=
  listening port: 30920
peer: XXXXXXX=
endpoint: xx.xx.xx.xx:51820
  allowed ips: ::/0, 0.0.0.0/0
  latest handshake: 19 seconds ago
  transfer: 2.64 KiB received, 1.05 KiB sent
route -q -n add -inet xx.xx.xx.xx -gateway 10.96.247.28
cat /etc/resolv.conf
# Generated by resolvconf
nameserver 10.2.0.1

hruodr · Tuesday at 7:18 AM

Do not change the gateway, wg-quick does all, it must work after giving above commands.

rshad muhammad · Tuesday at 7:26 AM

hruodr said:
Do not change the gateway, wg-quick does all, it must work after giving above commands.

I did not change it. The wrong gateway was given by wg-quick. It's the gateway for wlan0

xsouku04 · Tuesday at 5:05 PM

When I was testing wg-quick on FreeBSD it did not work for me. One of the steps needed was not finished properly. You could see it.
Now I use this way. https://forums.freebsd.org/threads/my-notes-about-setting-wireguard-the-freebsd-way.100032/

With that example you have to do the routing manually so wg-quick may be more comfortable.

If you want to get a help you should send the the result of the "wg-quick up" command. You only need to keep secret your private key and possibly public ip. And possible the routing before and after the command.

rshad muhammad · Wednesday at 4:03 AM

xsouku04 said:
When I was testing wg-quick on FreeBSD it did not work for me. One of the steps needed was not finished properly. You could see it.
Now I use this way. https://forums.freebsd.org/threads/my-notes-about-setting-wireguard-the-freebsd-way.100032/

With that example you have to do the routing manually so wg-quick may be more comfortable.

If you want to get a help you should send the the result of the "wg-quick up" command. You only need to keep secret your private key and possibly public ip. And possible the routing before and after the command.

rshad muhammad · Wednesday at 4:06 AM

fyi, i hv already tried all those steps before asking for assistance.
as noTiced to the thumbnail, the gateway is the gateway of wlan0. the gateway of vpn is different

rshad muhammad · Wednesday at 4:07 AM

i even use the same setup on openbsd. same issue too

putney · Wednesday at 7:40 AM

After seeing a few threads here re wireguard I decided to write up my notes on my own experience:

Using kernel Wireguard on FreeBSD (with credit to monwarez)

It's mostly about running my own VPN "server" in my home lab for remote laptop access. I did some playing with a FreeBSD "client" configuration for accessing it - that also works. But I haven't tried connecting to a commercial or any other VPN service from that, so I'm not sure how helpful it might be.

rshad muhammad · 2025-11-20T04:07:27+0000

putney said:
After seeing a few threads here re wireguard I decided to write up my notes on my own experience: Using kernel Wireguard on FreeBSD (with credit to monwarez) It's mostly about running my own VPN "server" in my home lab for remote laptop access. I did some playing with a FreeBSD "client" configuration for accessing it - that also works. But I haven't tried connecting to a commercial or any other VPN service from that, so I'm not sure how helpful it might be.

Thankx for the response. unfortunately, it still did not work. i found that i could not stop the wg0 service,

below is the setup i use i use in my rc.conf

cloned_interfaces="wg0"
ifconfig_wg0="inet 10.2.0.2/32 netmask 0xffffffff"
static_routes="wg0"
route_wg0="-net 45.83.126.1 10.2.0.1"

I took it from the forum n online. Thankx for the guys who gave the tips. with the above setup, it still did not work. what puzzles me is the "route" cmd did not change the getaway.
doas route -q -n add -inet 10.2.0.1/32 -interface wg0
it does not change the gateway. still using the getaway from the wlan0

my other setup manually;
doas ifconfig wg create name wg0
doas ifconfig wg0 mtu 1420
doas wg setconf wg0 /etc/wireguard/wg0.conf
doas ifconfig wg0 inet 10.2.0.2/32 alias
doas ifconfig wg0 up
doas route -q -n add -inet 0.0.0.0/1 -interface wg0
doas route -q -n add -inet 128.0.0.0/1 -interface wg0
doas route -q -n add -inet xx.xx.xx.xx 127.0.0.1 -blackhole
doas route -q -n add -inet 10.2.0.1/32 -interface wg0

did not work too.
i used to have another vpn provider. The setup was working. no issues. no dns leaks.
proton vpn came with a setup that include the privatekey n publickey. so, i did not use my private or publickey.
does anyone have a working setup for protonvpn???

xsouku04 · 2025-11-20T07:10:11+0000

Wireguard is easy to block. I found it is blocked in Egypt and it may be blocked in Pakystan after a while.
Is it possible it is blocked in your country?

In this case the only solution is to use VPN which is hard to recognize so difficult to block.

rshad muhammad · 2025-11-20T08:50:48+0000

xsouku04 said:
Wireguard is easy to block. I found it is blocked in Egypt and it may be blocked in Pakystan after a while.
Is it possible it is blocked in your country?

In this case the only solution is to use VPN which is hard to recognize so difficult to block.

i m using protonvpn. i prefer wireguard over opnvpn, which protonvpn offer.

xsouku04 · 2025-11-20T08:54:43+0000

Wireguard protocol is easy to block doing packet inspection. It could be a reason why it does not work for you. You can try the same settings with mobile phone or Windows or Linux computer to see if it works.
Protonvpn is good service but if wireguard is detected and blocked it does not work.

rshad muhammad · 2025-11-20T09:30:46+0000

xsouku04 said:
Wireguard protocol is easy to block doing packet inspection. It could be a reason why it does not work for you. You can try the same settings with mobile phone or Windows or Linux computer to see if it works.
Protonvpn is good service but if wireguard is detected and blocked it does not work.

it works on my android phone. maybe protonvpn does not support bsd variants yet. only certain unix-like oses.

xsouku04 · 2025-11-20T11:04:16+0000

rshad muhammad said:
it works on my android phone. maybe protonvpn does not support bsd variants yet. only certain unix-like oses.

Do you wireguard APP and the same confing on the phone? If you use special protonvpn app, the app is probably not using wireguard. But some changed hidden protocol not to be detected. You need to do test with the wireguard app. https://play.google.com/store/apps/details?id=com.wireguard.android&hl=en

rshad muhammad · 2025-11-20T15:05:10+0000

i downloaded the config from protonvpn site. each os uses their own config. i downloaded the app from the protonvpn github i try not to us playstore. i hv no issue on android, only on freebsd!!!

xsouku04 · 2025-11-20T16:17:07+0000

rshad muhammad said:
i downloaded the config from protonvpn site. each os uses their own config. i downloaded the app from the protonvpn github i try not to us playstore. i hv no issue on android, only on freebsd!!!

As far as I know there is only one wireguard config which works for all platforms. Maybe they thing it is more cool if they let you shoos the OS, but you should download the same. You protonvpn the app does not use wireguard ,but is using something different protocol, which hard to detect and block.
You can download real wireguard client for android here. https://download.wireguard.com/android-client/

rshad muhammad · 2025-11-20T16:57:52+0000

i downloaded the config from protonvpn site. each os uses their own config. i downloaded the app from the protonvpn github i try not to us playstore. i hv no issue on android, only on freebsd!!!

xsouku04 said:
As far as I know there is only one wireguard config which works for all platforms. Maybe they thing it is more cool if they let you shoos the OS, but you should download the same. You protonvpn the app does not use wireguard ,but is using something different protocol, which hard to detect and block.
You can download real wireguard client for android here. https://download.wireguard.com/android-cl

As far as I know there is only one wireguard config which works for all platforms
Try subscribing protonvpn paid version, esp plus version. Then you will understand what i m talkin about.
You can download real wireguard client for android here. https://download.wireguard.com/android-client/
Whats the difference between that n the one at protonvpn github???
Thankx anyway.

xsouku04 · 2025-11-20T17:22:03+0000

Protonvpn on github probably does not use wireguard. It is not wireguard client, but protonvpn client. Wireguard is very easy to detect and block, which makes difference.

wireguard conf

Attachments