debian:other-debian:wireguard-debian

This is an old revision of the document!


Ausgangslage:

  • LAN Network=192.168.1.0/24
  • VPN Network=192.168.100.0/24
  • VPN Port=53666/UDP
# echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list
# printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable

# apt-get update
# apt-get install wireguard
# umask 077 && cd /etc/wireguard/

# wg genkey > wg0.conf
# vim /etc/wireguard/wg0.conf

[Interface]
Address = 192.168.100.1/24
SaveConfig = true
PostUp = iptables -I FORWARD -i wg0 -j ACCEPT; iptables -I FORWARD -o wg0 -j ACCEPT
PostDown = iptables -F FORWARD
ListenPort = 53666
PrivateKey = INVH3hPTDtaQVB7TkGy/qLMeEgbiiUjV2PbPF0B4+ns=

# sysctl net.ipv4.ip_forward=1
# vim /etc/sysctl.d/99-sysctl.conf

# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.ip_forward=1

# sysctl -p
# systemctl start wg-quick@wg0.service
# systemctl enable wg-quick@wg0.service
# wg

interface: wg0
  public key: g5C+DlBfxAzk+QHU6wSDC9PGKoSHTf5j9NC9fBQcrks=
  private key: (hidden)
  listening port: 53666


  • debian/other-debian/wireguard-debian.1546178418.txt.gz
  • Last modified: 2018/12/30 14:00
  • by michael