pfSense Wireguard VPN Setup

eoghan · March 30, 2022, 11:12pm

Hi Guys

Hoping someone could help me,

I have recently setup a WireGuard VPN in a VM within my dedicated server using this docker to manage users etc

However my plan is this I would like to connect my pfSense to that WireGuard server but none of the guide that I have found seem to show how to set it up using your own VPN solution.

This is what my whole plan is:

Created an Adguard Home VM on that dedicated server.
Created my WireGuard/User management server.
Set the WireGuard server to look for dns on the Adguard server to block the nasties.
Create a user profile on WireGuard for my pfSense Firewall
Using the pfSense WireGuard plugin create a connection/gateway to #2
On pfSense route all DNS traffic via the VPN and all outgoing traffic on some docker containers on my unraid server

Its at step 5 I am getting stuck any help in importing my config from my WireGuard server would be great once i get that part out of the way step 6 will be plain sailing.

Hopefully i have explained my plan with enough detail and any help would be great.

Thanks
Eoghan

LTS_Tom · March 31, 2022, 10:58am

If this server is behind pfsense then why would you need to connect it to pfsense?

eoghan · March 31, 2022, 4:53pm

Hi Tom

The dedicated server in is a remote location and the pfsense is at my home address my ultimate goal was to route ally traffic via my Wireguard server to remove ISP blocks etc but that caused issues with iot devices. I did create a alias for my iot devices and made a firewall rule for those to go out my home ISPs network but for some reason they still weren’t happy.

LTS_Tom · April 1, 2022, 2:09am

I don’t have a write up on pfsense for that, but If you are going to have a Wireguard remote server it would make more sense to have a sever in the cloud:

wakko222 · April 6, 2022, 12:03am

I’m trying to do this also. I have a Vultr.com server with a docker-compose instance that sets up two instances of wg-easy. I want to be able to take a VLAN and force it to pass through my SG-1100 out to one of the Wireguard VPN’s. My next step it to get PFSense to connect out to my Vultr server. Wg-easy allows for importing a conf file or using a QR code to get the setup, but it sets up the entire connection from the server end. It very simple for a phone or computer, but I’m not sure to to make it work with PFSense.

eoghan · April 6, 2022, 12:07am

I was able to get my wg-easy to connect with my pfsense I’ll post the steps in the morning cause I’m at work at the moment. I just need to figure out how to get some home devices to route out my ISP network and not the Wireguard interface

BurntOC · August 20, 2022, 2:42pm

Hey there, I know this is a bit of an older topic, but do you mind sharing how you set that up, @eoghan ? I’d like to do the same.