Wirguard Full-Tunnel VPN

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen

Client

Raspberry

  • apt install wireguard
  • cat /etc/wireguard/wg0.conf
[Interface]
Address = fd00:1234:5678:9abc::2, 172.30.35.2
PrivateKey = xxxxxxxxxxxxxxxxx
[Peer]
PublicKey = xxxxxxxxxxxxxxxxx
PresharedKey = xxxxxxxxxxxxxxxxx
AllowedIPs = 0.0.0.0/0, ::/0 
Endpoint = px.men.de:51821
PersistentKeepalive = xxxxxxxxxxxxxxxxx

Server

cat wg0.conf 

# Description:
[Interface]
Address = 172.30.35.1,fd00:1234:5678:9abc::1
PrivateKey = xxxxxxxxxxxxxxxxx
ListenPort = 51821

# Peer: ipv6 Tunnel
[Peer]
PublicKey = xxxxxxxxxxxxxxxxx
PresharedKey = xxxxxxxxxxxxxxxxx
AllowedIPs = 2aZZ:24YY:71:3000::/56,fd00:1234:5678:9abc::/64,172.30.34.0/24

PFSense

Tunnel anlegen

Pfsense-wg-1.png

Peer konfigurieren

Pfsense-wg-2.png

Tunnel Interface als reales anlegen

Pfsense-wg-3.png

IPs auf dem Interface vergeben

Pfsense-wg-6.png

Gateways für IPv4 und Ipv6 anlegen

Pfsense-wg-7.png

IPv6 Route setzen

Pfsense-wg-8.png

IPv4 Route setzen

Pfsense-wg-9.png

Abgerufen von „http://wiki.ixheim.de/index.php?title=Wirguard_Full-Tunnel_VPN&oldid=60906