Bonding Multiple Windscribe VPN Connections with pfSense and Wireguard

By

This guide will show you how to setup pfSense and Wireguard with multiple connections to Windscribe’s VPNs for faster speeds and redundancy / failover.

Download config file from Windscribe

Go to https://windscribe.com/getconfig/wireguard

Select Location, Port, and Key Pair

Select New Key Pair if this is the first time generating a config file.

In this guide, we will use Port 443 for the examples.

Download the config file

Repeat steps for each Windscribe server that you want to connect.

Open the config files in a text editor such as Notepad. Each file should contain information about the server address, the public key, and the private key for the VPN connection.

Setup Wireguard tunnels

First, make sure you have the Wireguard package installed on your pfSense device.

Then, go to VPN –> Wireguard –> Add Tunnel

Enable Tunnel

Description –> Name for your tunnel, such as “Windscribe1”

Listen port: The default port is 51820. Additional tunnels must use a different port.

Interface Keys –> Private Key –> Paste the Private Key from the config file you downloaded

Save Tunnel

Repeat steps to create additional Wireguard tunnels to different Windscribe servers.

For the Listen Port, you’ll need to use a different port for each additional tunnel. Use port numbers that are easy to remember for your other tunnels, for example 51821, 51822, etc.

Setup Wireguard interfaces

Go to Interfaces –> Assignments

Add the newly created Wireguard tunnel

When the tunnel is created, it will show up as “tun_wg#”

Click on the new tunnel

Change the description to the name of your tunnel, for example “Wireguard1”

IPv4 Configuration Type –> Static IPv4

Static IPv4 Configuration –> IPv4 Address –> Paste the address from the config file you downloaded

Subnet –> /32

Save Interface

Repeat steps to create additional interfaces for each Windscribe server you will connect.

Setup Wireguard peers

Go to VPN –> Wireguard –> select Peers –> Add Peer

Enable Peer

Tunnel –> Select your newly created tunnel

Description –> Name for your peer configuration, for example “Wireguard1”

Uncheck Dynamic Endpoint

Endpoint –> Paste Endpoint from the config file

Port used by this peer –> Use the port that you selected for your config file, for example 443

Public Key –> Paste PublicKey from the config file

Pre-shared Key –> Paste the PresharedKey from the config file

Allowed IPs –> 0.0.0.0 and subnet /0

Add Description

Save Peer

Repeat steps to create additional peers for each Windscribe server you will connect.

Go to VPN –> Wireguard –> Status

Expand the tunnel and check if you have a green handshake for your peer. At this point, the VPNs should be up but there will be no traffic flowing through the tunnels. You’ll need to create the gateways now.

Next: Setup gateways

1 2 3 4


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.