Skip to content

Commit 28c4176

Browse files
author
philtlp
committed
docs: clarify Keepalive interval requirement for wireguard Site-to-Site VPN
Added a note emphasizing the importance of configuring the **Keepalive interval** for at least one peer when setting up a wireguard Site-to-Site VPN with two OPNsense firewalls. Without this configuration, the connection will not be initiated, and the VPN will fail to establish.
1 parent ddc211c commit 28c4176

File tree

1 file changed

+8
-3
lines changed

1 file changed

+8
-3
lines changed

source/manual/how-tos/wireguard-s2s.rst

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -74,26 +74,31 @@ Go to tab **Peers** and press **+** to create a new peer.
7474

7575
Enable the *advanced mode* toggle.
7676

77-
====================== ====================================================================================================
77+
======================= ====================================================================================================
7878
**Enabled** *Checked*
7979
**Name** *wgopn-site-b*
8080
**Public Key** *Insert the public key of the instance from wgopn-site-b*
8181
**Shared Secret** *Leave empty*
8282
**Allowed IPs** *10.2.2.2/32 192.168.0.0/24*
8383
**Endpoint Address** *203.0.113.2*
8484
**Endpoint Port** *51820*
85-
====================== ====================================================================================================
85+
**Keepalive interval** *25*
86+
======================= ====================================================================================================
8687

8788
Press **Save** and **Apply**.
8889

8990
Go to tab **Instances** and edit *wgopn-site-a*.
9091

9192
====================== ====================================================================================================
9293
**Peers** *wgopn-site-b*
93-
====================== ====================================================================================================
94+
====================== ====================================================================================================
9495

9596
Press **Save** and **Apply**.
9697

98+
.. Attention::
99+
When setting up a Site-to-Site VPN with two OPNsense firewalls, you have to configure **Keepalive interval** for at least one peer.
100+
Otherwise no firewall will initiate the connection and the Site-to-Site VPN will never come up.
101+
97102
------------------------------------------------------
98103
Step 3b - Setup WireGuard Peer on OPNsense Site B
99104
------------------------------------------------------

0 commit comments

Comments
 (0)