Difference between revisions of "Wireguard ubuntu"
From Teknologisk videncenter
m (→Host B: Behind NAT) |
m (→Host A: Public access) |
||
| Line 13: | Line 13: | ||
wg-quick save wg0 | wg-quick save wg0 | ||
</source> | </source> | ||
| − | /etc/wireguard/wg | + | /etc/wireguard/wg. conf |
<source lang=bash> | <source lang=bash> | ||
[Interface] | [Interface] | ||
Revision as of 15:11, 4 August 2024
Wireguard VPN between two Ubuntu hosts - one behind NAT
Host A: Public access
sudo bash
apt install wireguard
cd /etc/wireguard
umask 077
wg genkey > privatekey
wg pubkey < privatekey > publickey
ip link add dev wg0 type wireguard
ip address add dev wg0 172.31.0.1/24
wg set wg0 listen-port 8172 private-key privatekey peer 9WDOCVCJ6dbcSofc2Ho1qbBBeiD6dBWWoyIyk+nxFxo= allowed-ips 0.0.0.0/0 endpoint 192.168.1.98:51820
wg-quick save wg0
/etc/wireguard/wg. conf
[Interface]
Address = 172.31.0.1/24
ListenPort = 8172
PrivateKey = THIS HOSTS PRIVATE KEY (Host A)=
# VVS nuc
[Peer]
PublicKey = THE OTHER HOSTS PUBLIC KEY (host B)=
AllowedIPs = 192.168.11.0/24, 172.31.0.0/24
Endpoint = 91.172.64.81:51820
Host B: Behind NAT
/etc/wireguard/wg0.conf
[Interface]
Address = 172.31.0.2/24
ListenPort = 51820
PrivateKey = THIS HOSTS PRIVATE KEY (Host B)=
[Peer]
PublicKey = OTHER HOSTS PUBLIC KEY (Host A)=
AllowedIPs = 192.168.12.0/24, 172.31.0.0/24
Endpoint = 91.172.64.81:8172
PersistentKeepalive = 20
Links
- https://www.wireguard.com/quickstart/[Category:Security]]