Hi,
Thanks for the man page pointer. I cannot believe I didn't think to
look there. A bit embarrassed now.
Cheers,
Steve W.
On 23/12/2020 1:16 p.m., Stuart Henderson wrote:
On 2020-12-23, Steve Williams <st...@williamsitconsulting.com> wrote:
Hi,
With OpenBSD 6.8 installed, I'm investigating switching from OpenVPN
over to Wireguard.
This is for roadwarrior with Windows 7/10 laptops to access my OpenBSD
6.8 server.
All I can find is wg(4) for reference. It has kind of an interesting
example, but I am struggling a bit without the "big picture". I don't
mind doing my own reading, but the only additional documentation I can
find is the Whiteguard whitepaper which is Linux and doesn't mention
"wgendpoint"...
Is it necessary to use routing domains? I don't believe so as I've
never done that with any other interface.
No.
Where are the various wireguard parameters to ifconfig documented? From
the example:
ifconfig wg1 create wgport 111 wgkey `openssl rand -base64 32`
rdomain 1
Have a read of https://man.openbsd.org/ifconfig#WIREGUARD and ask
again if something is missing. (Also check the updated wg(4) manual on
man.openbsd.org too, it is a bit better than the manual in 6.8).
The info for wgaip talls about a "routing table" which is a bit of an
unfortunate name as it's nothing to do with "rtable" routing tables,
it's internal to the wg instance (wg0/wg1/whatever). This relates to
what the wg(4) manual says about Allowed IPs.
