- /
- /
- /
Configure a WireGuard Tunnel
To configure a WireGuard Tunnel:
- Navigate to VPN > WireGuard
- Click
Add Tunnel - Fill in the WireGuard Tunnel settings as described in WireGuard Tunnel Settings
- Click Add Peer
- Fill in the WireGuard Peer settings as described in WireGuard Peer Settings
- Repeat the add/configure steps for peers if there are multiple peers
- Click Save
- Add firewall rules on Firewall > Rules, WAN tab to allow UDP traffic to the port for this WireGuard tunnel (WireGuard and Rules / NAT)
- Add firewall rules on the common Firewall > Rules, WireGuard tab to pass traffic inside the VPN (WireGuard and Rules / NAT)
After configuring the WireGuard instance, there are a few more optional steps depending on the requirements of the use case:
- Navigate to System > Routing
- Set the Default gateway options to a specific gateway or group, as long as they are not left at Automatic
Warning : If the default gateway remains set to Automatic the firewall may end up using the WireGuard interface as the default gateway, which is unlikely to be the desired outcome.
- Assign the WireGuard interface as a new OPTx interface (Assign a WireGuard Interface)
- Add firewall rules specific to this tunnel on Firewall > Rules, OPTx tab to pass traffic inside the VPN (WireGuard and Rules / NAT)
- Setup one of the alternate routing methods as described in WireGuard Routing, if needed.