Setup Cloudflare for Teams (Zero Trust) WireGuard Config with pfSense – IPv6 and v4 with full speed
Fetch the WireGuard configuration information
Enter: adb pull /data/data/com.cloudflare.onedotonedotonedotone/shared_prefs/com.cloudflare.onedotonedotonedotone_preferences.xml in Command Prompt. The settings file will be placed in the platform-tools folder. Open it with your browser or any editor like editor++.
From the XML, dig out the following information for the WireGuard config settings, and test it in the WireGuard app before we head into pfSense to set up the Cloudflare VPN and gateway on IPv6 and IPv4. Like me, I have a 1 Gbps HO (Hyperoptic) ISP that does provide IPv6, but it is hard to configure in pfSense; therefore, I am using Cloudflare IPv6 and IPv4 so I can utilise the full bandwidth and IPv6 in my pfSense box.
Look for the following information in the xml file:
- Peer Public Key
- Peer IP Address
- Peer Port
- Client IP/s
- Client Private Key
- MTU
Example:
```ini
[Interface]
Address = 10.0.0.2/32, 20a1:a:b:212a::1
PrivateKey = <contents-of-client-privatekey>
DNS = 1.1.1.1

[Peer]
PublicKey = <contents-of-server-publickey>
Endpoint = <server-public-ip>:51820
AllowedIPs = 0.0.0.0/0, ::/0
```
Once all the config information is fetched, go to the WireGuard app, import it, and see if it connects. If not, make sure you have the right information from the XML file you fetched.
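A pre-import sanity check for the assembled config, as an added example that is not part of the original post: it confirms that both keys decode to 32 bytes, that the Address and AllowedIPs entries parse as IP/prefix values, and that the Endpoint is host:port with no placeholder left in. The function names, the sample key and the 192.0.2.1 endpoint are constructed for illustration.

```python
import base64
import ipaddress

def parse_wg_conf(text):
    """Parse wg-quick style text into {section: {key: value}} (single [Peer])."""
    conf, section = {}, None
    for line in (raw.split("#", 1)[0].strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section = conf.setdefault(line[1:-1], {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)  # first '=' only: keys end in '='
            section[key.strip()] = value.strip()
    return conf

def is_wg_key(value):  # WireGuard keys are 32 bytes, base64-encoded
    try:
        return len(base64.b64decode(value, validate=True)) == 32
    except ValueError:  # binascii.Error is a ValueError subclass
        return False

def check_wg_conf(text):
    """Return the names of fields that look wrong; empty list means sane."""
    conf, problems = parse_wg_conf(text), []
    iface, peer = conf.get("Interface", {}), conf.get("Peer", {})
    for name, owner in (("PrivateKey", iface), ("PublicKey", peer)):
        if not is_wg_key(owner.get(name, "")):
            problems.append(name)
    for field, owner in (("Address", iface), ("AllowedIPs", peer)):
        try:
            for item in owner[field].split(","):
                ipaddress.ip_interface(item.strip())
        except (KeyError, ValueError):
            problems.append(field)
    host, _, port = peer.get("Endpoint", "").rpartition(":")
    if not host or "<" in host or not port.isdigit() or not 0 < int(port) < 65536:
        problems.append("Endpoint")
    return problems

# Constructed sample: a throwaway key and a documentation-range endpoint.
KEY = base64.b64encode(bytes(range(32))).decode()
SAMPLE = f"""[Interface]
Address = 10.0.0.2/32, 20a1:a:b:212a::1
PrivateKey = {KEY}
DNS = 1.1.1.1
[Peer]
PublicKey = {KEY}
Endpoint = 192.0.2.1:51820
AllowedIPs = 0.0.0.0/0, ::/0
"""
print(check_wg_conf(SAMPLE) or "all fields look sane")
```

The check is format-only and runs offline, so the client private key copied from the XML stays on the local machine; it does not prove that the keys belong to the peer.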
Thanks to Parker and Van tech corner for making the implementation smoother:
- https://parkercs.tech/cloudflare-for-teams-wireguard-config/
- https://www.youtube.com/watch?v=MPRLKtXt_lQ
- https://www.wireguard.com/quickstart/
- https://github.com/pirate/wireguard-docs
Now, head to pfSense