,

Setup Cloudflare for Teams (Zero Trust) WireGuard Config with Pfsense – IPv6 and v4 with full speed

Credit: cloudflareCloudflare

Now, we need to setup NAT and Rules – final two steps 🙂

NAT

Go to the Firewall > NAT > Outbound, and checked on the Hybrid outbound NAT rule generation from NAT mode section then create two rules one for IPv4 and another for IPv6

Click up add button

  1. select cloudflare gateway in the interface
  2. select IPv6 from the address family
  3. protocol: any
  4. source: network and add IPv6 subnet
  5. destination: any

Outbound NAT

Click Save

Same for IPv4, see below

Outbound NAT for IPv4

Click Save

Both should look like this:

Finally, and most importantly:

Go to Firewall > Rules > VLAN40_WARP (whatever you named your LAN)

Create first rule for IPv6, click add(up) button and set:

  1. Action: pass
  2. Interface: VLAN40_WARP or whatever you named
  3. address family: IPv6
  4. protocol: any
  5. source: any
  6. destination: any
  7. scroll down to the gateway section
  8. select cloudflare IPv6 gateway
  9. Click Save

pfSense Firewall rulespfSense Firewall rules

 

Same for IPv4 rules in the firewall

Firewall rules for IPv4Firewall rules for IPv4

It should look like this: 

 

Tools:

  1. https://cloudflare-dns.com/help/
  2. https://speed.cloudflare.com/
  3. http://speedtest6.tele2.net/
  4. https://www.iplocation.net/
  5. https://ipv6-test.com/
  6. https://www.speedtest.net/
Post Views: 2,852
/0 Comments/by
You might also like
WireGuard VPN on Openwrt Image- Raspberry Pi 4
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *