Wireguard VPN Client Internet Traffic Not Recognized

Follow
Lee

So after seeing that Zenarmor is not recognizing any Internet traffic from my Wireguard-kernel version and it also show only local traffic from wrong source interface. I found this Reddit post about wireguard-go plugin fixing that issue https://www.reddit.com/r/zenarmor/comments/13vaebn/troubleshooting_zenarmor_integration_with), so I uninstalled the kernal version and then installed the go version w/o any issue or re-configuration needed. I also tried restarting the Zenarmor packet engine....
BUT this did NOT resolve the issue. Zenarmor still does not see any wireguard vpn client Internet traffic and it only see the local traffic.
I did not see any performance hit switching from the kernel to the go version of the wireguard plugin.
However, I plan on switching back to the kernel version until I get a resolution from Zenarmor support.

Then I read and posted here: https://forum.opnsense.org/index.php?topic=33927.0

I also opened a Zenarmor support ticket.

0

Comments

1 comment

Date Votes
  • Official comment
    Matt

    Hi @Lee,

    OPNsense 24.1 RC1 has the wireguard kernel mode netmap support available. Any chances you can give that a try? Or alternatively you can wait for 24.1 to be generally available. 

    With OPNsense 24.1 and Zenarmor 1.16.1 and forward, Zenarmor (and Suricata in IPS mode) is able to handle kernel mode wireguard as well. 

    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post
Powered by Zendesk