On Fri, 7 Feb 2025 01:09:09 +0100 Odd Martin Baanrud <mar...@lb7ye.net> wrote:
> Hello, > > I have got access to some static IP*s via VPN using WireGuard. > The provider gave me config files for use with wg-quick(8) from the > WireGuard-tools package. > It works in linux. > However, I want to test it wit OpenBSD*s integrated wg(4) driver. > I*ve read the manual, but I can*t see which options that matches the wg-quick > config file. > Therefor, I wonder what options to use for PrivateKey, PublicKey, AllowedIPs, > Endpoint, and PersistentKeepalive. > > I can of corse use wg-quick, but I don*t see how to run it via rc(8). > > Regards, Martin. Yes, it can be confusing to map one to another. VPN providers usually give config file that looks something like this: ############################################ [Interface] Address = 10.10.10.10/32 PrivateKey = AAA_your_private_key_AAA= MTU = 1320 DNS = 1.2.3.4 [Peer] PublicKey = BBB_vpn_server_public_key_BBB= PresharedKey = CCC_preshared_key_CCC= Endpoint = 222.222.222.222:1637 AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 15 ############################################ Translated to hostname.wg0 syntax, it would be something like below. I added comments, and commented out the rdomain and default route lines - those are specific to my setup here. DNS config is addressed somewhere else on OpenBSD. ####### /etc/hostname.wg0 ################## # Still unsure if "up" is needed here or not to be honest up # Optional - default mtu works too mtu 1320 # If running wireguard in different rdomain # rdomain 1 # Main config line. Trying to split it in several lines can cause issues in my experience. wgkey AAA_your_private_key_AAA= wgpeer BBB_vpn_server_public_key_BBB= wgpsk CCC_preshared_key_CCC= wgendpoint 222.222.222.222 1637 wgaip 0.0.0.0/0 wgpka 15 # Your local IP for the wg interface, from vpn config file inet 10.10.10.10/32 # Optional verbose logging # debug # Default route for rdomain 1 # !route -T1 add default -link -iface wg0 # Disable inet6 if needed # -inet6 ############################################ I hope this helps at least a little. -- Andre
