Created with Fabric.js 5.3.0
pfSense Setup

Configure WireGuard

This section shows you how to set up your WireGuard tunnel, peer, and interface for WiZone.
Important : Get your configuration from the WiZone Portal first.
Before you continue, make sure you have downloaded or copied the device-specific configuration values from the WiZone Portal.

Get Your Device Settings

  1. Log in to the WiZone Portal
  2. Go to the Devices page
  3. Select your device (e.g., "grosio")
  4. Click on the device to open the Device Configuration dialog
  5. Copy the configuration values as needed for each setup step
Keep this configuration page open as you'll need to copy values throughout the setup process.

Step 1 - WireGuard Tunnel Configuration

  1. Go to VPN → WireGuard → Tunnels → Add Tunnel.
  2. Tick the Enable Tunnel checkbox.
  3. Enter the following details using values from your WiZone Portal device configuration:
FieldWhere to Find ValueDescription
Description(choose any name)Name to identify your WireGuard tunnel (e.g., WG_WiZone)
Listen Port(default: 51820)Port used for WireGuard communication
Interface KeysPEER PRIVATE KEY(Copy from WiZone Portal Device Configuration Do not click Generate )
  1. Scroll down to Interface Configuration (tun_wg1).
  2. Enter the following:
FieldWhere to Find ValueDescription
Interface Address WG INTERFACE IP(Copy from WiZone Portal Device Configuration)
  1. click Save Tunnel.

Step 2 - Add a Peer

  1. Go to VPN → WireGuard → Peers → Add Peer.
  2. Configure using values from your WiZone Portal device configuration:
FieldWhere to Find ValueDescription
Enable Peer(check the box)Ensure the peer is active
Tunnel(select your tunnel)Select the tunnel created earlier (e.g., tun_wg0 (WG_WiZone))
Dynamic Endpoint(untick this option)Disable this so you can manually enter the Endpoint and Port values.
Endpointwg2.wizone.ioWiZone remote hostname
Port51821Port for this peer
Keep Alive15Optional – maintain persistent connection
Public KeyTUNNEL PUBLIC KEY(Copy from WiZone Portal Device onfiguration)

Step 3 - Add IP Allow List

  1. Under the same Peer Configuration, scroll to Address Configuration.
  2. Add the following network under Allowed IPs:
RowAllowed IPsDescriptioncomment
110.1.10.0/24WiZone SystemUsed for core WiZone services such as API, authentication, device sync, and other essential system functions.
210.1.200.0/24WiGuard ManagementUsed for management traffic, device status updates, control-plane communication, and internal monitoring (Additional support access for WiZone support team.)

Step 4 - Add Interface for WireGuard

  1. Go to Interfaces → Assignments → Interface Assignments.
  2. Under Available Network Ports, select your WireGuard tunnel (tun_wg0) and click + Add.
  3. Click the newly added interface (e.g., OPT1, OPT2, etc.) to open its configuration page.

  1. Configure the interface using the following settings:
FieldWhere to Find ValueDescription
Description(choose any name)Interface name (e.g., WG_WiZone)
IPv4 Configuration TypeStatic IPv4Set the interface to use a static IP
IPv4 AddressWG INTERFACE IP(Copy from WiZone Portal Device configuration)

Install WireGuard

This section explains how to install and enable WireGuard on pfSense.

WireGuard Connection

This section shows you how to enable the WireGuard service, apply the required firewall rules, and confirm that your device is successfully connected to WiZone.