wireguard
This is an old revision of the document!
Table of Contents
Wireguard
Install Wireguard on Debian 9.x and Raspbian 10.x
# echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list # echo -e "Package: *\nPin: release a=unstable\nPin-Priority: 150\n" > /etc/apt/preferences.d/limit-unstable # apt-get update && apt-get install wireguard-dkms wireguard-tools # modprobe wireguard && lsmod | grep wireguard
Create Key Pairs
Host A
# wg genkey > privateA # wg pubkey < privateA > publicA
Host B
# wg genkey > privateB # wg pubkey < privateB > publicB
Assign Link Network to Wireguard-Tunnel
Link-Network: 172.24.0.0/30 HostA: 172.24.0.1/30 Host2: 172.24.0.2/30
Create Config
Host A
# cat /etc/wireguard/wg0.conf # HostA - HostB [Interface] Address = 172.24.0.1/30 PrivateKey = <contents of privateA> ListenPort = 51820 [Peer] PublicKey = <contents of publicB> AllowedIPs = 172.24.0.2/32
Host B
# cat /etc/wireguard/wg0.conf # HostB - HostA [Interface] Address = 172.24.0.2/30 PrivateKey = <contents of privateB> ListenPort = 51820 [Peer] PublicKey = <contents of publicA> AllowedIPs = 172.24.0.1/32 # Uncomment if HostB is behind NAT Router # PersistentKeepAlive = 25
wireguard.1614062371.txt.gz · Last modified: 2021/02/23 07:39 by baumi