pfSense Restore - Wireguard

Tomcat5678 · July 24, 2022, 10:28pm

I upgraded hardware for my pfSense firewall and went through the normal restore process from the XML file. Reassigned interfaces, allowed packages to install / update in the background, etc. The one thing I ran into was in Wireguard my site-to-site connections would not establish a connection. I didn’t have a lot of time to dig into it yet but thought I would throw it out to the group if there were additional steps other than the restore of the XML to clone the settings (including Wireguard) to new firewall hardware.

My first thought was ‘did the public / private keys change for the tunnels / peers?’. I will dig into it later tonight but if anyone has either a confirmation of my thought or a different solution that would be greatly appreciated.

Thanks.

LTS_Tom · July 25, 2022, 11:01am

Wireguard will restore but if it was assigned an interface and you are restoring to another system that request the reassignment of interfaces it may not go to the right one as the interface won’t exist until the package is loaded.

Tomcat5678 · July 25, 2022, 11:09am

After the Wireguard package was installed I then went to interfaces and assigned, in my case, tun_wg0 and tun_wg1, to the correct items but still no luck. I will take a look again and confirm those assignments are correct.

LTS_Tom · July 25, 2022, 11:11am

We just went from a 5100 at the office to the 6100 and a second reboot got it all working for us.

Tomcat5678 · July 25, 2022, 11:13am

The standard “have you tried turning it off and on again” trick. That’s the easiest one I should have already tried!