Wireguard Docs nothing like the quick start

I just fought my way through… :slight_smile:

The ‘road warrior’ section does not talk about full tunnel… ie using your vyos router as the outbound…

no mention of something like:

set nat source rule 110 outbound-interface 'eth1'
set nat source rule 110 source address '192.0.2.240/28'
set nat source rule 110 translation address 'masquerade'

and same with service dns:

set service dns forwarding allow-from '192.0.2.240/28'
set service dns forwarding listen-address '192.0.2.254'

While I could generate this afterwards:

 generate wireguard client-config <name> interface <interface> server <ip|fqdn> address <client-ip>

the config never seemed to attach to the server…

but I could only use that command after I commit;save the config… but I could only do that after I had a working client saved…

I’ll keep re-reading the docs to see if there is someway to make them more streamlined like the quick start…

Thanks for reading…

Hi @bcook
Could please share share

  • Which version of VyOS are you using?
  • Configuration
  • Your use case diagram

After generate the configuration, there will be some indicated information like set xxxxx command to let you run it on vyos. then you can commit and save. the generate command didn’t directly run wireguard set command, need you to do it manually