Docs: Horus Internet gateway (phone + OPNsense LAN).

Road-warrior setup with UFW wg0→eth0 and pixel7 config; OPNsense LAN exit
via HORUS_GW + outbound SNAT 10.1.1.22 as verified breakpoint.

Co-authored-by: Cursor <cursoragent@cursor.com>
root
2026-06-28 18:17:49 +02:00
parent 3783762769
commit 3cd45f9f3f
6 changed files with 378 additions and 2 deletions
@@ -39,6 +39,7 @@ Direkter WireGuard-Tunnel zwischen **OPNsense** (lokales Netz) und **Horus** (VP
|-------|--------|
| [opnsense-client.conf](opnsense-client.conf) | Keys, PSK, Endpoint (OPNsense) |
| [opnsense-step-a-nat.md](opnsense-step-a-nat.md) | **OPNsense-Setup** (Route, Firewall, NAT) |
| [opnsense-internet-gateway.md](opnsense-internet-gateway.md) | **Optional:** LAN-Internet-Exit über Horus (GUI-only) |
| [horus-server-peer-opnsense.conf](horus-server-peer-opnsense.conf) | Horus Peer-Block |
| [wg0-opnsense-routes.sh](wg0-opnsense-routes.sh) | Horus Route-Script |
| [vm101-client.conf](vm101-client.conf) / [horus-server-peer-vm101.conf](horus-server-peer-vm101.conf) | VM-Tunnel (getrennt) |
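Review bot: The new `opnsense-internet-gateway.md` row is labelled "Optional" and "GUI-only" but does not say whether it depends on the Route/Firewall/NAT setup in `opnsense-step-a-nat.md` listed directly above it. Since this row sends LAN Internet traffic out through Horus, state the prerequisite in the description cell (or order the rows as steps) so a reader does not enable the gateway before the base tunnel rules exist.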
@@ -66,6 +67,8 @@ Fritzbox: OPNsense in **DMZ** — kein extra WAN-Forwarding für WG.
- Peer `walbWTYX…`: AllowedIPs `10.1.1.22/32`, `10.100.2.0/24`
- `wg0-opnsense-routes.service` für Kernel-Routen zu OPNsense/Services
- VM-Peer: `10.1.1.5/32`, `10.2.2.0/24` only
- **Road-Warrior Internet-Gateway** (pixel7): [../../horus/wireguard-internet-gateway.md](../../horus/wireguard-internet-gateway.md)
- **LAN-Internet über OPNsense:** [opnsense-internet-gateway.md](opnsense-internet-gateway.md) — Gateway `10.1.1.1` + **SNAT `10.1.1.22`** (verifiziert 2026-06-28)
---
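Review bot: The added LAN-Internet bullet gives SNAT `10.1.1.22` without saying why it is required, although the reason is two lines above: the Horus peer only has AllowedIPs `10.1.1.22/32` and `10.100.2.0/24`. Say in the bullet that the SNAT keeps LAN sources inside those AllowedIPs, so nobody later "fixes" a broken exit by widening AllowedIPs on the peer instead. The "(verifiziert 2026-06-28)" remark would also be more useful if it named what was checked, for example the observed exit address or the test host, or pointed to the section of the linked doc that records it.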