Select the Local tab and click + to add a new Local Configuration. Go to the newly installed VPN => WireGuard menu item (you may need to refresh your browser) Add your local machine This was very straightforward, just go to System => Firmware => Plugins and click the + next to the os-wireguard in the Plugins tab. Here's a screenshot to feast your eyes on the beautiful UI. I'm not going to discuss the relative merits of one vs the other, as it's an emotive issue, but I will say that I don't have any regrets on my decision to migrate. The advantage of this was there was little risk of me leaving the family without a working internet connection and incurring the wrath of the wife, and it actually worked out so well, I've kept both the virtualised PFsense instance and also created a backup OPNsense virtual machine, which can utilise a backup of my settings from the bare metal install should I ever need to do so. Manually migrated my PFsense configuration to OPNsense on bare metal.Wiped my bare metal PFsense instance and installed OPNsense.Virtualised my current PFsense instance.
Long story short, it's not difficult to migrate, but you can't import your PFsense configuration directly into OPNsense, so I used a multistep approach. OPNSenseįor a long time I have been using PFsense, however, they don't seem to have any impending plans to implement WireGuard, and the interface of OPNsense is prettier to my eye, so being the sucker to eye candy that I am, and keen to try out WireGuard, I decided to migrate. I do however have occasion to use my laptop at work, and it would be useful to be able to access my LAN and my ever growing pool of services, and quite frankly, I don't want my traffic visible to all and sundry whilst I'm doing so, I previously used OpenVPN for this, but WireGuard is somewhat lighter on resources, so I decided to migrate. Thirdly I often have to connect to a public WiFi access point at work, yeah, yeah, I know, it's difficult to believe in this day and age that I don't have access to a staff designated WiFi network, but it is what it is. Secondly, I have Adguard installed on a Pi on my LAN, so by using that as my DNS when connected to WireGuard, I get ad blocking when I'm out and about. Note: All keys used shown in the screenshots are no longer in use and were created solely for the purposes of this post, no need to warn me, or try them out, I guarantee they've been nuked from orbit.įirstly, it doesn't drain my battery like OpenVPN on my phone, opening up the possibility to leave it connected for much longer periods. WireGuard has been causing quite a stir in networking over the last year or so, promising an easier way to manage VPN connections, and has some interesting benefits from my point of view.
0 kommentar(er)
