Router_Configs/wireguard.md

## INSTALL
```sh
curl -OL https://github.com/WireGuard/wireguard-vyatta-ubnt/releases/download/1.0.20220627-1/e300-v2-v1.0.20220627-v1.0.20210914.deb
dpkg -i e300-v2-v1.0.20220627-v1.0.20210914.deb
cd /config/auth
# Restrict new files to the owner so the private key is not group/world readable
umask 077
wg genkey | tee privatekey | wg pubkey > publickey
```
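
The key generation step above leaves `privatekey` in `/config/auth`. The following check is an added example, not part of the original file: it audits that file's permissions and format. The function name `audit_wg_key` is hypothetical, and it assumes GNU `stat` as shipped on EdgeOS/Debian.

```sh
#!/bin/sh
# Added example: audit a WireGuard private key file after generation.
# Assumption: GNU coreutils `stat -c` is available (EdgeOS is Debian-based).

# audit_wg_key FILE
# Prints one line per finding; returns 0 when the file is clean, 1 otherwise.
audit_wg_key() {
    f=$1
    rc=0
    if [ ! -f "$f" ]; then
        echo "MISSING: $f"
        return 1
    fi
    # Any group/other permission bit exposes the key to other local users.
    mode=$(stat -c '%a' "$f")
    case $mode in
        *00) ;;
        *) echo "PERMS: $f is mode $mode, expected 600 (chmod 600 $f)"; rc=1 ;;
    esac
    # A WireGuard key is 32 bytes: 43 base64 characters plus one '=' pad.
    key=$(tr -d '\n' < "$f")
    if ! printf '%s' "$key" | grep -Eq '^[A-Za-z0-9+/]{43}=$'; then
        echo "FORMAT: $f does not hold a single base64 WireGuard key"
        rc=1
    fi
    return $rc
}

# Run against the path used on this page when executed directly on the router:
#   audit_wg_key /config/auth/privatekey
```
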
## CONFIGURE
```sh
configure
```
### Configure server
```sh
set interfaces wireguard wg0 private-key /config/auth/privatekey
set interfaces wireguard wg0 address 10.200.254.1/24
set interfaces wireguard wg0 route-allowed-ips true
set interfaces wireguard wg0 listen-port 51820
```
### Configure peer (clients)
```sh
set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= allowed-ips 10.200.254.101/32
set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= endpoint capsulecorp.duckdns.org:29922
set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= persistent-keepalive 25
```
### Configure Firewall
```sh
set firewall name INTERNET_LOCAL rule 10 description "Permitir WireGuard"
set firewall name INTERNET_LOCAL rule 10 action accept
set firewall name INTERNET_LOCAL rule 10 protocol udp
set firewall name INTERNET_LOCAL rule 10 destination port 51820
```
### Configure NAT
```sh
set service nat rule 5010 description 'WireGuard NAT'
set service nat rule 5010 outbound-interface eth0
set service nat rule 5010 type masquerade
set service nat rule 5010 source address 10.200.254.0/24
```
### Save changes
```sh
commit
save
exit
```