https://songer.pro/how-to-install-wireguard-on-ubuntu-20-04/
https://linuxize.com/post/how-to-set-up-wireguard-vpn-on-centos-8/ This is a good website for learning Linux.
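On CentOS 7, installing and updating applications from the preconfigured yum repositories is slow and sometimes fails outright; switching to a mirror hosted in China is less trouble. The Aliyun mirror is used here as the example.

Enter the repository configuration directory
cd /etc/yum.repos.d

Back up the old configuration file
mv CentOS-Base.repo CentOS-Base.repo.bak

Download the Aliyun repository file

Clear the cache
yum clean all

Rebuild the cache
yum makecache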

Update and Upgrade Ubuntu
sudo apt-get update && sudo apt-get upgrade -y

Install Wireguard
sudo apt-get install wireguard

Open the system variables file for edit.
sudo nano /etc/sysctl.conf

Then uncomment the following line by removing the # at the beginning of the line.
net.ipv4.ip_forward=1

Apply
sudo sysctl -p

Install and Configure UFW
# Install UFW
sudo apt install ufw
# Firewall Rules
sudo ufw allow ssh
sudo ufw allow 51820/udp
# Enable Firewall
sudo ufw enable
# Check UFW Status
sudo ufw status

Generating private and public keys and Configure
# Change Directory
cd /etc/wireguard
# Set Permissions
umask 077
# Generate a new key pair with the command below
wg genkey | tee privatekey | wg pubkey > publickey

Generate server config
# Create new config file
sudo nano /etc/wireguard/wg0.conf

[Interface]
PrivateKey = <contents-of-server-privatekey>
Address = 10.0.0.1/24
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820

[Peer]
PublicKey = <contents-of-client-publickey>
AllowedIPs = 10.0.0.2/32

sudo cat /etc/wireguard/publickey
sudo cat /etc/wireguard/privatekey

Start Wireguard
wg-quick up wg0

Check Wireguard Config
wg show

Enable Automatic Start
systemctl enable wg-quick@wg0

Update Server
sudo apt-get update && sudo apt-get upgrade -y

Client configuration
Create new Config file on Client Device
sudo nano /etc/wireguard/wg0.conf

Remember to set the client private key and server public key to their corresponding places and also include your WireGuard server's public IP address.

[Interface]
Address = 10.0.0.2/32
PrivateKey = <contents-of-client-privatekey>
DNS = 1.1.1.1

[Peer]
PublicKey = <contents-of-server-publickey>
Endpoint = <server-public-ip>:51820
AllowedIPs = 0.0.0.0/0, ::/0

Note that setting AllowedIPs to 0.0.0.0/0, ::/0 will forward all traffic over the WireGuard VPN connection.

Start the connection with the command below.
sudo wg-quick up wg0

To Disconnect
sudo wg-quick down wg0
sudo systemctl stop wg-quick@wg0
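
An added example, not part of the original tutorial: a shell function that lints a wg-quick config for mistakes that are easy to make when following the steps above (config readable by other users, template placeholders left in, a /0 AllowedIPs on the server side, PostDown not undoing PostUp). The function names, the sample keys and the use of ListenPort to recognise the server config are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the original tutorial): lint a wg-quick config.
# Prints one line per finding; returns 0 if the file is clean, 1 otherwise.
audit_wg_conf() {
    local conf=$1 rc=0 up down
    # The file contains PrivateKey: group/other must have no access (cf. umask 077).
    if [ "$(ls -ld "$conf" | cut -c5-10)" != "------" ]; then
        echo "perms: $conf is accessible to group/other"; rc=1
    fi
    # Template values such as <contents-of-server-privatekey> left unedited.
    if grep -Eq '<(contents-of-[a-z-]+|server-public-ip)>' "$conf"; then
        echo "placeholder: template value not replaced"; rc=1
    fi
    # Assumption: ListenPort marks the server config. There, a peer's AllowedIPs
    # is the source-address filter for that peer, so /0 lets it claim any address.
    if grep -Eq '^ListenPort' "$conf" &&
       grep -E '^AllowedIPs' "$conf" | grep -Eq '/0( |,|$)'; then
        echo "allowedips: server peer uses a /0 range instead of a /32"; rc=1
    fi
    # Every rule PostUp appends (-A) must be deleted (-D) by PostDown,
    # otherwise the FORWARD/MASQUERADE rules outlive the tunnel.
    up=$(sed -n 's/^PostUp *= *//p' "$conf" | sed 's/ -A / -D /g')
    down=$(sed -n 's/^PostDown *= *//p' "$conf")
    if [ "$up" != "$down" ]; then
        echo "postdown: does not undo the PostUp rules"; rc=1
    fi
    return $rc
}

# Constructed sample: the tutorial's server config with fake keys, mode 600.
write_sample_conf() {
    cat > "$1" <<'EOF'
[Interface]
PrivateKey = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
Address = 10.0.0.1/24
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
[Peer]
PublicKey = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB=
AllowedIPs = 10.0.0.2/32
EOF
    chmod 600 "$1"
}

# Run as a script: audit the file given as the first argument.
if [ $# -gt 0 ]; then audit_wg_conf "$1"; fi
```

Run it as root against /etc/wireguard/wg0.conf before wg-quick up wg0; no output and exit status 0 mean none of the four checks fired.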