Wireguard - Split Tunnel - Between Raspberry Pi and Firewalla Gold

Comments

8 comments

  • Avatar
    Xfirewallx+firewalla

    That Post is hot, thanks dude.

    0
    Comment actions Permalink
  • Avatar
    Brandon Johnson

    Where did you find the publickey on your firewalla at? I have looked through all wireguard directories via SSH and cannot find it. I have another wireguard server in the cloud that I want to connect my firewalla at home to as a client and need the firewalla client publickey to add the peer endpoint to my cloud WG.

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    just generate the config file from the UI, download it, then modify it to not direct all traffic, just the subnets you need. The PubKey will be inside that configuration file you download.

    0
    Comment actions Permalink
  • Avatar
    Brandon Johnson

    I am trying to use the VPN Client 3rd party in the firewalla to connect to a cloud wireguard server. I don't see an option to download other than when adding VPN clients to the Firewalla wireguard VPN server. I need the firewalla publickey to be able to add it to the wg0.conf file on the cloud wireguard server as a peer.

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    So you are going from the cloud to your firewalla? That would be a client then...... You would just add a new client and then download the profile, install on the cloud and connect (default is route ALL traffic through from client to firewalla, might have to adjust that if you want split-tunnel).

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    Anyway, the public key is inside that config file, download it and look for PublicKey

    0
    Comment actions Permalink
  • Avatar
    Brandon Johnson

    WireGuard in the cloud is the server and the Firewalla would be the client. As with other clients, I add the publickey and allowed IP’s manually to the wg0.conf file on the cloud WireGuard server. I just can’t find the publickey that is needed from the firewalla.

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    Wouldn't you generate everything you need on the server then (public/private keys), generate the config file, and then upload to the Firewalla? The Firewalla UI generates a conf file with the client private key, and public key to allow the connection.

     

    Quick google search got this site that walks through how to generate the private/public keys you would need on the server side of things.

    https://www.wireguard.com/quickstart/

    0
    Comment actions Permalink

Please sign in to leave a comment.