Created
February 23, 2019 14:35
-
-
Save khorsmann/aa6f2b1498e040ec734590b672cdc65b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Install Python, git, build-essential from dietpi-software | |
- Run rpi-source: https://github.com/notro/rpi-source/wiki | |
- Enable IP Forwarding | |
- nano /etc/sysctl.conf: | |
- net.ipv4.ip_forward = 1 | |
- sudo apt-get install libmnl-dev | |
- git clone https://git.zx2c4.com/WireGuard | |
- $ cd WireGuard/src | |
- $ make | |
- # make install | |
- Generate the keys | |
- # wg genkey > rpi_private.key | |
- # wg pubkey > rpi_public.key < rpi_private.key | |
- # nano /etc/wireguard/wg0.conf | |
=========================================== | |
[Interface] | |
ListenPort = 1500 | |
PrivateKey = <rpi_private.key> | |
[Peer] | |
PublicKey = <client_public.key> | |
AllowedIPs = 192.168.2.2/32 | |
=========================================== | |
- # nano /etc/network/interfaces | |
=========================================== | |
auto wg0 | |
iface wg0 inet static | |
pre-up ip link add dev wg0 type wireguard | |
post-up wg setconf wg0 /etc/wireguard/wg0.conf | |
post-up ip link set dev wg0 up | |
#READ THIS | |
#enable access to remote subnet 192.168.2.x via remote wg0 interface: | |
#change this according to your config | |
#post-up ip route add 192.168.2.0/24 via 192.168.5.2 dev wg0 | |
#change eth0 to your primary interface, if needed | |
post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE | |
address 192.168.2.1 | |
netmask 255.255.255.0 | |
=========================================== | |
- apt-get install ufw | |
- ufw allow 1500 | |
- PORT TO BE OPEN 1500 UDP/TCP |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment