SSH to your OPNsense router
pkg update && pkg install wireguard && pkg install wireguard-go
Your privacy and security is the core focus of OVPN. That's why we've implemented a multi-layered security model.
Learn moreIn the terminal, execute:
Press Enter to finalize the command.
To connect to OVPN, type the following into the terminal:
wg-quick up {{ props.config }}
To disconnect from OVPN, type the following into the terminal:
wg-quick down {{ props.config }}
Sign into the OPNsense web interface.
Navigate to System → Settings → General. Set the DNS servers to:
Make sure Allow DNS server list to be overridden by DHCP/PPP on WAN is not selected. However, Do not use the local DNS service as a nameserver for this system should be selected.
Navigate to Interfaces → Assignments. Click on the orange plus icon.
Make sure Enable interface and Prevent interface removal are selected. Afterwards, click on Save and Apply changes
Navigate to Firewall → NAT → Outbound. Click on Hybrid outbound NAT rule generation.
Click on Save. Click the orange plus icon under Manual rules, and then click Edit on the newly generated rule.
There are three modifications that need to be done. Everything else should be left as-is. The changes are:
Click on Save and Apply changes.
You should now be connected to OVPN and be able to browse the internet safely. To make sure everything was set up correctly, please check the dashboard to verify that you are connected.
In case you get connected to OVPN in the WireGuard application, but don't have any internet connectivity, please read the troubleshooting article for WireGuard.
If your configuration files don't get imported, read our article about adding your private key manually in the configuration files.