wireguard

2025-10-10 19:13:54 +02:00 · 2025-10-10 19:13:54 +02:00 · 45e81978c8
commit 45e81978c8
parent 63915e6d4a
1 changed files with 14 additions and 0 deletions
--- a/wireguard.md
+++ b/wireguard.md
@ -0,0 +1,14 @@
 set interfaces wireguard wg0 private-key /config/auth/privatekey
 set interfaces wireguard wg0 address 10.200.254.1/24
 set interfaces wireguard wg0 route-allowed-ips true
 set interfaces wireguard wg0 listen-port 51820
 set firewall name WAN_LOCAL rule 20 action accept
 set firewall name WAN_LOCAL rule 20 protocol udp
 set firewall name WAN_LOCAL rule 20 description 'WireGuard'
 set firewall name WAN_LOCAL rule 20 destination port 51820
 set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= allowed-ips 10.200.254.101/32
 set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= endpoint capsulecorp.duckdns.org:29922
 set service nat rule 5010 description 'WireGuard NAT'
 set service nat rule 5010 outbound-interface eth0
 set service nat rule 5010 type masquerade
 set service nat rule 5010 source address 10.200.254.0/24