Add to Favourites    Print this Article

How to Setup the Latest pfSense Wireguard Client

Step 1) Log in to your pfSense router.

Step 2) Head to System>Package Manager>Available Packages and search for wireguard, click Install to install the wireguard package.


Step 3) Navigate to VPN>WireGuard and click +Add Tunnel.

Enable: Checked

Description: TorGuard VPN

Listen Port: Leave Blank

Interface Keys: Click generate to generate both private and public keys.

Then, click Save Tunnel

Step 4)
Click Peers and then +Add Peer



Step 5)
Head to the TorGuard Config generator here and generate your Wireguard config, select the wireguard tunneltype, choose your location or enter your Dedicated IP and then enter your TG VPN credentials:



Step 6) Set your settings to match below:

Enable: Checked

Tunnel: Select tun_wg0 (TorGuard VPN)

Description: TorGuard VPN

Dynamic Endpoint: Uncheck

Endpoint: Set the IP address listed in your wireguard config generated in the previous step and then enter the Endpoint Port which will be: 1443

KeepAlive: 25

Public Key: Enter the public key from the TorGuard config you generated on step 5

Allowed IPs: Enter 0.0.0.0/0

Then click Save Peer.



Step 7)
Now head to Settings and check "Enable WireGuard" and click Save.



Step 8)
Navigate to Interfaces>Assignments and click the +Add button beside Available Network Ports: tun_wg0 and then click Save. The network then becomes OPT1 or similar.

Step 9) Click the OPT interface name link and put a checkmark beside Enable.

Step 10)

Change the description fromOPT1 to WG_TG

In the IPv4 Configuration Type set this to Static IPv4

In the Set IPv4 Configuration section, set the IPv4 Address to the same IP address that was assigned in the wireguard config. The subnet mask is /32.

Beside IPv4 Upstream Gateway, click the + Add a new gateway button

Change the Gateway name to WG_TG_GWV4

Set the Gateway IPv4 to the same IP from your WireGuard config generated earlier

Click the Save button and click the Apply Changes button.



Step 11) Navigate to Interfaces>LAN and set MSS to 1412 and then click Save and Apply Changes

Step 12)
Firewall Configuration:

Navigate to Firewall>NAT >Outbound.

Select, so that Manual Outbound NAT rule generation is checked



Click on Save.

Click on Apply changes.

A few new rules will be displayed under Mappings. Next to each rule, you will find three buttons under the Action category; Edit, Copy and Delete. Click on Copy next to each one and select tun_wg0 as the Interface.



Click on Apply changes.

Step 13)
Verify your connection:

Browse to https://torguard.net/whats-my-ip.php and make sure your IP has now changed.

 



Also Read