WireGuard setup: Difference between revisions
Created page with "* Add to <code>/etc/rc.d/rc.firewall</code>: <pre> # Allow wireguard $ipt -A INPUT -i eth0 -p udp --dport 51820 -j ACCEPT $ipt -A INPUT -i wg0 -j ACCEPT $ipt -A FORWARD -i wg0..." |
No edit summary |
||
| Line 29: | Line 29: | ||
PublicKey = <Bob's public key> | PublicKey = <Bob's public key> | ||
AllowedIPs = 10.8.0.3/32 | AllowedIPs = 10.8.0.3/32 | ||
</ | </pre> | ||
[[Category: Linux]] | [[Category: Linux]] | ||
Revision as of 18:49, 4 August 2022
- Add to /etc/rc.d/rc.firewall:
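# Allow WireGuard.
# Fragment for /etc/rc.d/rc.firewall. $ipt is not set here; it is assumed to
# hold the iptables command defined earlier in that script.

# Tunnel packets reach the server as UDP on the WireGuard listen port
# (51820 has to match ListenPort in /etc/wireguard/wg0.conf).
$ipt -A INPUT -i eth0 -p udp --dport 51820 -j ACCEPT

# Everything a peer sends to this host through the tunnel is accepted.
# NOTE(review): this trusts every configured peer with all local services;
# narrow it with -p/--dport matches if peers only need specific ones.
$ipt -A INPUT -i wg0 -j ACCEPT

# Peers may open connections out through eth0.
$ipt -A FORWARD -i wg0 -o eth0 -j ACCEPT

# Only replies to those connections are routed back into the tunnel. Without
# the state match, any new connection arriving on eth0 for a peer address would
# be forwarded to that peer. If hosts behind eth0 must initiate connections to
# peers, add explicit rules for those services instead of a blanket ACCEPT.
$ipt -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

# Rewrite the source of tunnel traffic leaving through eth0 to eth0's address.
$ipt -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE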
- # sysctl -w net.ipv4.ip_forward=1
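- Add net.ipv4.ip_forward=1 to /etc/sysctl.conf so that forwarding stays enabled after a reboot (the sysctl -w command above only changes the running kernel).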
- # wg genkey > /etc/wireguard/private.key
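- # chmod 400 /etc/wireguard/private.key
  Note: the redirect in the previous step creates the key file under the current umask before this chmod runs. Running umask 077 first (as wg itself suggests when it warns about a world-accessible file) closes that window.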
- # wg pubkey < /etc/wireguard/private.key > /etc/wireguard/public.key
- /etc/wireguard/wg0.conf
# /etc/wireguard/wg0.conf - server side of the tunnel.
# This file contains the private key, so keep it readable by root only
# (for example mode 600); wg-quick warns when the file is world accessible.
[Interface]
# Server address inside the tunnel; 10.8.0.0/24 is the subnet that the
# firewall rules masquerade.
# NOTE(review): Address is a wg-quick setting, so this file is presumably
# loaded with wg-quick - confirm.
Address = 10.8.0.1/24
# UDP port that the rc.firewall rule opens on eth0.
ListenPort = 51820
# Contents of /etc/wireguard/private.key. Never paste the public key here and
# never share this value with peers.
PrivateKey = <private key>

[Peer]
# Alice
# Contents of the public key generated on Alice's machine.
PublicKey = <Alice's public key>
# A /32 ties this peer to a single tunnel address: packets from the peer are
# accepted only with this source address, and traffic for this address is
# sent to this peer. Give every peer its own address.
AllowedIPs = 10.8.0.2/32

[Peer]
# Bob
# Contents of the public key generated on Bob's machine.
PublicKey = <Bob's public key>
# Same single-address restriction as above, with Bob's own address.
AllowedIPs = 10.8.0.3/32