This tutorial takes a look at how to Install WireGuard on pfSense. The steps are clearly outlined to help you install the package, configure the tunnel, then the peer, and finally, connect using a WireGuard client.
✅ Written Instructions: https://www.wundertech.net/how-to-set-up-wireguard-on-pfsense
📌 DuckDNS Setup: https://www.wundertech.net/use-duckdns-to-set-up-ddns-on-pfsense/
📌 Clouflare DDNS Setup: https://www.wundertech.net/how-to-set-up-ddns-on-pfsense-using-cloudflare/
🔔 Subscribe for more tech related tutorials and overviews: https://link.wundertech.net/ssYt
🚀 Product Recommendations: https://link.wundertech.net/rmYt
❤️ Check out our website: https://link.wundertech.net/wtYt
DISCLAIMER: The information in this video has been self-taught through years of technical tinkering. While we do our best to provide accurate, useful information, we make no guarantee that our viewers will achieve the same level of success. WunderTech does not assume liability nor responsibility to any person or entity with respect to damage caused directly or indirectly from its content or associated media. Use at your own risk.
WunderTech is a trade name of WunderTech, LLC.
0:00 Intro & Disclaimer
0:18 WireGuard Package Install
1:00 Tunnel Configuration
2:00 Interface Setup
2:58 Firewall Rules
3:48 Peer & Client Setup
11:40 Conclusion
Excellent tutorial. If I want both a split and full tunnel, can I duplicate the configuration and just changed the allowed IPs or do I need to create a secondary peer/tunnel config with its own set of keys?
Thank you so incredibly much for this tutorial! It really helped me to understand how to finally set it up.
Thank you!
A side note. If you want your Wireguard peers to access your internal network (LAN) then you don't have to create an interface for WireGuard as there is already a "WireGuard" rule tab created by the package. By default all WireGuard connections will be seen here. If you later start creating several WG tunnels and WG interfaces it gets messy unless you want to isolate the WG tunnels from each other.
I cannot copy the Pre-Shared Key at WireGuard VPN Peer Configuration; the "(Copy)" seems not working. Does anyone have issue with this? Thanks
Awesome video tutorial, thanks for sharing!!!
I don't have a static IP, I am using DDNS, but I also can't forward any ports. Is there a way to set this up or am I going to have to use something like headscale?
Well done. Thanks, I've been working on this problem 2 weeks.
This video was well done!! Thanks for the time. Works like a charm EXCEPT for when I am at my work (even behind their "guest" WiFi). Any suggestions on how to get around their firewall preventing me form connecting to my WG VPN?
Well done! I'm glad I found your instructions and was able to successfully setup WireGuard. Do you know what the purpose of "WireGuard" under Interface Groups is for? It's also in Firewall Rules next to Floating rules.
Dude! The written instructions are excellent. I was able to fix a botched setup from another video and setup two other devices. Nicely done! Subscribed and thumbs up.
Nice video! Can you do a video on haproxy please ?
Hi great vdeo! I have an issue the tunnel is working perfectly fine but i can't access any device on my lan network i can only browse the internet. Does anyone know how to solve this issue? Maybe an outbound rule issue.
I want to create a DMZ at home.
Gonna install pfsense as a "entry point" within the next days.
Was asking myself I could have 2 VPNs: One to reach the red zone and one for the green zone.
Looks like I found exactly what I need.
Great explanation. No blabla – Nicely compressed information on point.
Very good video!
Great tutorial sir.
Plain and simple the best of best for setting up WG.
I previously had wireguard set up in my 192.168. by hand on a debian VM which worked flawlessly.
No I'm migrating to pfSense but it seems like even though port forwarding is enabled on all devices and my 'pass' rules are open, traffic is not rerouted via the pfSense WAN interface to the WG interface.
Not sure if the gateways need to be reconfigured but they look proper to me….
Thank you! This is an absolutely amazing tutorial. Easy to follow and concepts are well articulated. Worked first time right out the box.
My guy, this is amazing! subed! thanks again for this
Thanks for sharing, you got a new subscriber 😉
Omg this helped me so much. Thank you
This is an excellent tutorial I was able to get it online but i have a question. My pfsense is a cloud based that runs wireguard I just want to know i have a Softphone on my Windows PC with wireguard installed is it possible to route only my softphone traffic on wirereguard? but browsing on the internet will still use my local network
Best Wireguard tutorial/explanations for pfSense!!
Thank you for your time to put this together!
THANK YOU! THANK YOU!!! Finally I got it to work!!. I tried with openvpn and followed many videos and did not work. Then I figured to try Wireguard and at the 3rd time of configuring I stumbled on your video and you explained the final settings and BAM! I was to connect remotely and use see my home network. Woot!
Why do you create a new assignment? Just add the IP in the Interface Adresses option when creating the tunnel.
This is excellent. It's not just a well made video, it's helping people with their security, their privacy, and their businesses. All of which genuinely makes the world a better place. Respect to you and thank you for taking the time to make this.
After applying your firewall rules, I think I just lost access to my pfsense.. I can't ping it, I can't access the web-ui to add the peer. Weird. I guess I have to go back to factory defaults and setup again. 😒
I started this tutorial with not much hope but the result is just amazing since it worked immediately.
So far one of the best tutorials on the internet: Concise, to the point, fast paced (well, at my speed x1.4) and most importantly IT WORKS
Subscribed and looking forward for other gems of interest <3
Great video! But I can't believe how incredible complicated this is. In unraid you click three times and it's done.
Excellent information here, so I added it to my cybercentric T-channel (FlynnInfoSec1). As a recent NG6100 owner, it is nice to have such a great resource!
Could you create a video instruction for the Mikrotik router with pfSense firewall connection from WireGuard. Thank You.
Can i access my truenas pools/shared folders?
Thanks for this. Your instructions are concise and worked great.
can you also cover settingup a wireguard client who provide connection details please?
Needlessly complicated. We can't use a solution unless it's almost zero-config on the user side. FortiClient is an example of good solution.
Excellent video. Straight to the point. I was able to get it worked in one attempt. Thanks again for the awesome video!
I think you need to add an outbound NAT rule if you plan to use the full tunnel.
Thank you very much, that was helpful 🙂
Thank you for this tutorial! I've found that my tunnels stop handshaking after several days of this working successfully… does anyone experience this?
Great tutorial, thank you.
Is there a performance benefit to running Wireguard on my Netgate 1100 as you teach in this video vs using Pivpn to install WG on a dedicated Ras-Pi?
Do you have to forward 51820 port on a router to get pass through to pfsense server?
great video thanks. I have a super dumb question (apologies for how stupid this is): I have everything set up but the handshake is still red
1) endpoint: should I use my public IP address? Or do I need to creare a DDNS first?
2) how do I access my home network in practice (url)? is it the same as the endpoint I configured or something else?
Many thanks!
Thank you very much kind sir, you are my hero! you've made this so easy! Tom has some competition here! keep up the good work! cheers!
Awesome video and description. Was struggling with setting up my Android phone and your description which covered Android solved my problem. Thanks!