Skip to main content
All CollectionsRouter Setup GuidesPFSense
WireGuard Setup Guide for pfSense
WireGuard Setup Guide for pfSense
Richard avatar
Written by Richard
Updated over 6 months ago

Step 1

Login to website client page: https://privatevpn.com/account/login


Step 2

Proceed to Control Panel: https://privatevpn.com/control-panel


Step 3

Select your preferred VPN location.


Step 4

for this guide, we will select a Sweden-based server. Click Generate Config.


Step 5

Your WireGuard login will be generated below. Take note of the details.


Step 6

Go to pfSense web panel > System > Package Manager > Available Packages.

Search for WireGuard and then proceed to install.


Step 7

Go to VPN > WireGuard > Tunnels menu and then click + Add Tunnel button.


Step 8

Enter the following settings:

Tick Enable Tunnel

Description: PrivateVPN_WG

Interface Keys: (enter your WireGuard login PrivateKey)

Interface Addresses: (enter your WireGuard login Address)

Click Save Tunnel button.


Step 9

Proceed to Peers tab and then click + Add Peer button.


Step 10

Enter the following:

Tick Enable Peer

Tunnel: PrivateVPN_WG

Description: Stockholm (any name would do)

Untick Dynamic Endpoint

Endpoint: (your WireGuard login Endpoint)

*you can find the server list here.

Endpoint Port: 3389

Public Key: (your WireGuard login PublicKey)

Allowed IPs: 0.0.0.0/0

Click Save Peer button.


Step 11

Go to Settings tab, tick Enable WireGuard and then click on Save button.


Step 12

Proceed to Interfaces > Assignments menu. Select the WireGuard tunnel (tun_wg0) and then click on + Add button.

Then click OPT1.


Step 13

Enter the following settings:

Tick Enable interface

IPV4 Configuration Type: Static IPv4

IPv6 Configuration Type: None

IPv4 Address: (your WireGuard login Address)

Click Save button and then Apply Changes.


Step 14

Proceed to System > Routing > Gateways menu. Click + Add button.


Step 15

Enter the following:

Interface: OPT1

Address Family: IPV4

Name: PrivateVPN_GW

Gateway: (your WireGuard login Address)

Click Save button and then Apply Changes.


Step 16

Return to Interfaces > OPT1 menu.

Set the IPv4 Upstream gateway to PrivateVPN_GW.

Click Save button and then Apply Changes.


Step 17

Proceed to Firewall > NAT > Outbound menu.

Select Manual Outbound NAT rule generation.

Click on Save button and then Apply Changes.


Step 18

Locate the rule with the Description: Auto created rule - LAN to WAN. Click the pencil icon to edit mapping.


Step 19

Change the Interface from WAN to OPT1. Then set the Address Family to IPv4.

Click on Save button and then Apply Changes.


Step 20

Go to Firewall > Rules > LAN.

Click the pencil button with the rule: Default allow LAN to any rule.


Step 21

Click Display Advanced button and then set the Gateway to PrivateVPN_GW.

Click on Save button and then Apply Changes.

Did this answer your question?