Skip to Content
Last modified by Xiaoye on 2024/04/19 19:52
From version 10.1
edited by Edwin Chen
on 2023/11/10 20:32
Change comment: There is no comment for this version
To version 5.1
edited by Xiaoye
on 2023/11/10 15:21
Change comment: Uploaded new attachment "image-20231110152122-4.png", version {1}

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -Use Wireguard VPN in Dragino Gateways
1 +LoRaWAN Gateway version with Wireguard Support
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.Edwin
1 +XWiki.Xiaoye
Content
... ... @@ -1,125 +1,0 @@
1 -(% class="wikigeneratedid" %)
2 -**Table of Contents:**
3 -
4 -{{toc/}}
5 -
6 -
7 -
8 -
9 -= 1. What is Wireguard VPN? =
10 -
11 -
12 -= 2. Run WireGuard VPN in PC =
13 -
14 -
15 -= 3. Configure Wireguard VPN on Gatewaythe LPS8N/DLOS8N/LG308N =
16 -
17 -
18 -== 3.1 For LPS8N/DLOS8N/LG308N ==
19 -
20 -Due to the size of Wireguard packages. We didn't add it as a default feature of gateways. If the user wants to use Wireguard Please upgrade your gateway firmware with the special [[firmware>>https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/DLOS8/Firmware/Wireguard-firmware/]].
21 -
22 -
23 -=== 3.1.1 Configuration via command line ===
24 -
25 -==== 3.1.1.1 Key Management ====
26 -
27 -
28 -**#Generate keys**
29 -
30 -(% class="box infomessage" %)
31 -(((
32 -umask go=
33 -
34 -wg genkey | tee wgserver.key | wg pubkey > wgserver.pub
35 -
36 -wg genkey | tee wgclient.key | wg pubkey > wgclient.pub
37 -
38 -wg genpsk > wgclient.psk
39 -)))
40 -
41 -[[image:image-20231110150147-1.png||height="82" width="566"]]
42 -
43 -
44 -==== 3.1.1.2 Firewall configuration ====
45 -
46 -
47 -(((
48 -**#Configure firewall**
49 -)))
50 -
51 -(% class="box infomessage" %)
52 -(((
53 -uci del_list firewall.wan.network="vpn"
54 -
55 -uci add_list firewall.wan.network="vpn"
56 -
57 -uci commit firewall
58 -)))
59 -
60 -[[image:image-20231110151524-2.png]]
61 -
62 -
63 -(((
64 -**#Reload firewall**
65 -)))
66 -
67 -(% class="box infomessage" %)
68 -(((
69 -/etc/init.d/firewall
70 -)))
71 -
72 -
73 -==== 3.1.1.3 Network configuration ====
74 -
75 -
76 -(((
77 -**#Configure network**
78 -)))
79 -
80 -(% class="box infomessage" %)
81 -(((
82 - uci -q delete network.vpn
83 - uci set network.vpn="interface"
84 - uci set network.vpn.proto="wireguard"
85 - uci set network.vpn.private_key="{VPN_KEY}"
86 - uci add_list network.vpn.addresses="{VPN_ADDRESS}"
87 -)))
88 -
89 -[[image:image-20231110152122-4.png]]
90 -
91 -
92 -(((
93 -**#Add VPN peers**
94 -)))
95 -
96 -(% class="box infomessage" %)
97 -(((
98 - uci -q delete network.wgserver
99 - uci set network.wgserver="wireguard_vpn"
100 - uci set network.wgserver.public_key="{VPN_PUB}"
101 - uci set network.wgserver.endpoint_host="{VPN_SERVER}"
102 - uci set network.wgserver.preshared_key="{VPN_PSK}"
103 - uci set network.wgserver.endpoint_port="{VPN_PORT}"
104 - uci set network.wgserver.persistent_keepalive="25"
105 - uci set network.wgserver.route_allowed_ips="1"
106 - uci add_list network.wgserver.allowed_ips="0.0.0.0/0"
107 - uci add_list network.wgserver.allowed_ips="::/0"
108 - uci commit network
109 -)))
110 -
111 -[[image:image-20231110152109-3.png]]
112 -
113 -
114 -(((
115 -**#reload network service**
116 -)))
117 -
118 -(% class="box infomessage" %)
119 -(((
120 -/etc/init.d/network reload
121 -)))
122 -
123 -
124 -
125 -