Complete wireward configuration

wireguard.md

@@ -1,27 +1,40 @@
+## INSTALL
+
+curl -OL https://github.com/WireGuard/wireguard-vyatta-ubnt/releases/download/1.0.20220627-1/
+e300-v2-v1.0.20220627-v1.0.20210914.deb
+dpkg -i e300-v2-v1.0.20220627-v1.0.20210914.deb
+cd /config/auth
+wg genkey | tee privatekey | wg pubkey > publickey
+
+## CONFIGURE
+
+
+configure
+
+### Configure server
 set interfaces wireguard wg0 private-key /config/auth/privatekey
-
 set interfaces wireguard wg0 address 10.200.254.1/24
-
 set interfaces wireguard wg0 route-allowed-ips true
-
 set interfaces wireguard wg0 listen-port 51820
 
+### Configure peer (clientes)
+set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= allowed-ips 10.200.254.101/32
+set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= endpoint capsulecorp.duckdns.org:29922
+set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= persistent-keepalive 25
+
+### Configure Firewall
 set firewall name WAN_LOCAL rule 20 action accept
-
 set firewall name WAN_LOCAL rule 20 protocol udp
-
 set firewall name WAN_LOCAL rule 20 description 'WireGuard'
-
 set firewall name WAN_LOCAL rule 20 destination port 51820
 
-set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= allowed-ips 10.200.254.101/32
+### Configure NAT
-
-set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= endpoint capsulecorp.duckdns.org:29922
-
 set service nat rule 5010 description 'WireGuard NAT'
-
 set service nat rule 5010 outbound-interface eth0
-
 set service nat rule 5010 type masquerade
-
 set service nat rule 5010 source address 10.200.254.0/24
+
+commit
+save
+exit
+