## INSTALL

```sh
curl -OL https://github.com/WireGuard/wireguard-vyatta-ubnt/releases/download/1.0.20220627-1/e300-v2-v1.0.20220627-v1.0.20210914.deb
dpkg -i e300-v2-v1.0.20220627-v1.0.20210914.deb
cd /config/auth
wg genkey | tee privatekey | wg pubkey > publickey
```

## CONFIGURE

```sh
configure
```

### Configure server
```sh
set interfaces wireguard wg0 private-key /config/auth/privatekey
set interfaces wireguard wg0 address 10.200.254.1/24
set interfaces wireguard wg0 route-allowed-ips true
set interfaces wireguard wg0 listen-port 51820
```

### Configure peer (clientes)
```sh
set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= allowed-ips 10.200.254.101/32
set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= endpoint capsulecorp.duckdns.org:29922
set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= persistent-keepalive 25
```

### Configure Firewall
```sh
set firewall name INTERNET_LOCAL rule 10 description "Permitir WireGuard"
set firewall name INTERNET_LOCAL rule 10 action accept
set firewall name INTERNET_LOCAL rule 10 protocol udp
set firewall name INTERNET_LOCAL rule 10 destination port 51820
```

### Configure NAT
```sh
set service nat rule 5010 description 'WireGuard NAT'
set service nat rule 5010 outbound-interface eth0
set service nat rule 5010 type masquerade
set service nat rule 5010 source address 10.200.254.0/24
```

### Save changes
```sh
commit
save
exit
```