forked from Decentrala/dmzconf
57 lines
1.1 KiB
Markdown
57 lines
1.1 KiB
Markdown
---
|
|
VMID: 103
|
|
---
|
|
|
|
[Wireguard VPN quickstart](https://www.wireguard.com/quickstart)
|
|
|
|
Check `dmzadmin` for `wireguard.gpg` to know who to contact for access
|
|
|
|
---
|
|
|
|
### Client config
|
|
|
|
Client config example
|
|
`x` is the assigned on the server as peer:
|
|
|
|
```conf
|
|
|
|
[Interface]
|
|
Address = 192.168.164.x/32
|
|
DNS = 1.1.1.1
|
|
MTU = 1420
|
|
SaveConfig = true
|
|
ListenPort = 51820
|
|
FwMark = 0xca6c
|
|
PrivateKey = <your_private_wg_key>
|
|
|
|
[Peer]
|
|
PublicKey = JP2FTHLUujkevz1kUymciLImsx1OX9ViUko7oPAIoiA=
|
|
AllowedIPs = 192.168.164.0/24, 192.168.1.0/24
|
|
Endpoint = 77.105.27.232:51820
|
|
PersistentKeepalive = 21
|
|
|
|
```
|
|
|
|
---
|
|
|
|
### Server config
|
|
|
|
New user/client needs to provide their wireguard `publickey` and new ip on the network needs to be assigned (`x`)
|
|
check the server config file `/etc/wireguard/wg0.conf` to find free address
|
|
|
|
```sh
|
|
sudo wg set wg0 peer <client_public_key> allowed-ips 192.168.164.x/32
|
|
```
|
|
|
|
---
|
|
|
|
Command to resolve IP clashing with current and wireguard network, if needed
|
|
|
|
```shell
|
|
ip route add <ip> dev <wg0>
|
|
```
|
|
|
|
- `ip` you want to resolve -> for wireguard VM 192.168.1.10
|
|
- `wg0` name of the wireguard config
|
|
|