If the server private key is missing from the INI file, a new key pair will be generated using libsodium which will then be used to populate the configuration output. That resulting key pair will be used to populate the configuration output. If the INI contains a server private key, it will be used to derive a public key. The WireGuard bootstrap has a number of options. The goal with this process is to have the permanent WireGaurd private key generated on the OPNsense instance and never to have been transmitted at any time. This is to allow the user or automation to create a permanent WireGuard VPN interface at wg0 then delete the bootstrap. The interface occupies instance 1, therefore the device will be wg1 rather than wg0. If a WGB section is provided in the INI, then a working WireGuard VPN interface will be available for immediate connection. WireGuard BootstrapĪn optional feature is the WireGuard bootstrap. If an OPT section of the INI contains a dhcp_start field, then a DHCP configuration section will be included that corresponds to that interface. Each may include a description that would result in the display name of the interface being Servers rather than OPT2 for example. MacOS shortcut leading to OPNsense consoleĪny number of optional network interfaces beyond the basic WAN and LAN can be included in the INI as OPT sections. There are five potential output files: Filename More information about the OPNsense importer can be found here. Included in this package are a command line interface and a class which is importable into Python scripts and other applications. The end result is a minimal working configuraion with interfaces fully configured. The intent is for the file to be used during the installation process by the OPNsense Importer. This package takes a Python ConfigParser formatted INI file and generates a ready to use config.xml file for OPNsense.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |