No Comments

debian下的wireguard简易配置

  1. 有公网的Debian服务器:

1.1. 生成密钥对

# cd /etc/wireguard/
# umask 077; wg genkey | tee privatekey | wg pubkey > publickey

1.2. /etc/network/interfaces

auto wg-wxc
iface wg-wxc inet static
    address 192.168.201.1
    netmark 255.255.255.0
    pre-up ip link add $IFACE type wireguard
    pre-up wg setconf $IFACE /etc/wireguard/$IFACE.conf
    post-down ip link del $IFACE

1.3. /etc/wireguard/wg-wxc.conf

[Interface]
PrivateKey = [SERVER_PRIVATE_KEY]0HdENDSwgBJILdMDVJgddcHAnqLXJcIXhSZlAovHgEY=
ListenPort = 51820

[Peer]
Endpoint = [SERVER_PUBLIC_IP]:51820
PublicKey = [CLIENT_PUBLIC_KEY] 
AllowedIPs = 192.168.201.0/24

重启networking服务即可。

  1. 客户端配置
    2.1. 生成密钥对
    windows的wg可以直接新建空隧道,linux则和服务端相同

2.2. conf

[Interface]
PrivateKey = [CLIENT_PRIVATE_KEY]
Address = 192.168.201.2/32

[Peer]
PublicKey = [SERVER_PUBLIC_KEY]
AllowedIPs = 192.168.201.0/24
Endpoint = [SERVER_PUBLIC_IP]:51820
PersistentKeepalive = 25

发表于  2023-12-22 15:46:14 并被添加「」标签,阅读量: 2729 。

此处评论已关闭