Router_Configs/wireguard.md at 65a136d89222b651810eb9f9a81081ab58ed5559

keteflips 65a136d892 Update wireguard.md

2025-10-10 19:16:13 +02:00

set interfaces wireguard wg0 private-key /config/auth/privatekey

set interfaces wireguard wg0 address 10.200.254.1/24

set interfaces wireguard wg0 route-allowed-ips true

set interfaces wireguard wg0 listen-port 51820

set firewall name WAN_LOCAL rule 20 action accept

set firewall name WAN_LOCAL rule 20 protocol udp

set firewall name WAN_LOCAL rule 20 description 'WireGuard'

set firewall name WAN_LOCAL rule 20 destination port 51820

set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= allowed-ips 10.200.254.101/32

set interfaces wireguard wg0 peer HMAlHHPMLvcDWhPoGbOkpDiKpZbdfkPZfIb7z6Q3XV0= endpoint capsulecorp.duckdns.org:29922

set service nat rule 5010 description 'WireGuard NAT'

set service nat rule 5010 outbound-interface eth0

set service nat rule 5010 type masquerade

set service nat rule 5010 source address 10.200.254.0/24