Wireguard Puffy to OPNsense
WG Tunnel between OpenBSD and OPNsense
How to Setup an WG Tunnel between OpenBSD and OPNSense ? That’s quite simple …
OpenBSD
Install Packages
pkg_add wireguard-tools--
Gen Key Onliner
wg genkey | tee privatekey | wg pubkey > publickey
Build Interface
r=$(openssl rand -base64 32)
remote_ip="1.2.3.4"
remote_net="192.168.0.0/24"
cat << 'EOF' > /etc/hostname.wg0
# WG Tunnel to OPNsense
wgkey ${r}
wgport 51820
wgpeer xxxxx - PUBLIC-KEY-OF-REMOTE-HOST - xxxxx= wgendpoint ${remote_ip} 51820 wgaip ${remote_net}
inet 10.0.0.1/24
!route add ${remote_net} 10.0.0.2
up
EOF
sh /etc/netstart wg0
ifconfig wg0
update pf.conf
# skip on wg Interface
set skip on { lo0 wg0 }
# Wireguard
pass in log quick inet proto udp from ${remote_ip}/32 to (self) port 51820
OPNsense
Install Wireguard
Menu System -> Firmware -> Plugins -> Install Wireguard