Changes for page Use Wireguard VPN in Dragino Gateways
Last modified by Xiaoye on 2024/04/19 19:52
Change comment:
There is no comment for this version
Summary
-
Page properties (2 modified, 0 added, 0 removed)
-
Attachments (0 modified, 0 added, 1 removed)
Details
- Page properties
-
- Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. Xiaoye1 +XWiki.Edwin - Content
-
... ... @@ -19,13 +19,7 @@ 19 19 20 20 = 2. Run WireGuard VPN in PC = 21 21 22 -There are many methods to install and set WireGuard server. Below is an example for reference to set up WireGuard Server in Windows. 23 23 24 -**Video Instruction**: [[Install WireGuard Server in Windows>>https://www.youtube.com/watch?v=1AWVvW5oJtU]]. 25 - 26 -For other OS and methods, please search Google for more. 27 - 28 - 29 29 = 3. Configure Wireguard VPN on Gatewaythe LPS8N/DLOS8N/LG308N = 30 30 31 31 == 3.1 For LPS8N/DLOS8N/LG308N == ... ... @@ -34,11 +34,105 @@ 34 34 Due to the size of Wireguard packages. We didn't add it as a default feature of gateways. If the user wants to use Wireguard Please upgrade your gateway firmware with the special [[firmware>>https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/DLOS8/Firmware/Wireguard-firmware/]]. 35 35 36 36 37 - [[image:image-20240102190036-1.png]]31 +=== 3.1.1 Configuration via command line === 38 38 33 +==== 3.1.1.1 Key Management ==== 39 39 40 40 41 - ======36 +**#Generate keys** 42 42 38 +(% class="box infomessage" %) 39 +((( 40 +umask go= 43 43 44 - 42 +wg genkey | tee wgserver.key | wg pubkey > wgserver.pub 43 + 44 +wg genkey | tee wgclient.key | wg pubkey > wgclient.pub 45 + 46 +wg genpsk > wgclient.psk 47 +))) 48 + 49 +[[image:image-20231110150147-1.png||height="82" width="566"]] 50 + 51 + 52 +==== 3.1.1.2 Firewall configuration ==== 53 + 54 + 55 +((( 56 +**#Configure firewall** 57 +))) 58 + 59 +(% class="box infomessage" %) 60 +((( 61 +uci del_list firewall.wan.network="vpn" 62 + 63 +uci add_list firewall.wan.network="vpn" 64 + 65 +uci commit firewall 66 +))) 67 + 68 +[[image:image-20231110151524-2.png]] 69 + 70 + 71 +((( 72 +**#Reload firewall** 73 +))) 74 + 75 +(% class="box infomessage" %) 76 +((( 77 +/etc/init.d/firewall 78 +))) 79 + 80 + 81 +==== 3.1.1.3 Network configuration ==== 82 + 83 + 84 +((( 85 +**#Configure network** 86 +))) 87 + 88 +(% class="box infomessage" %) 89 +((( 90 + uci -q delete network.vpn 91 + uci set network.vpn="interface" 92 + uci set network.vpn.proto="wireguard" 93 + uci set network.vpn.private_key="{VPN_KEY}" 94 + uci add_list network.vpn.addresses="{VPN_ADDRESS}" 95 +))) 96 + 97 +[[image:image-20231110152122-4.png]] 98 + 99 + 100 +((( 101 +**#Add VPN peers** 102 +))) 103 + 104 +(% class="box infomessage" %) 105 +((( 106 + uci -q delete network.wgserver 107 + uci set network.wgserver="wireguard_vpn" 108 + uci set network.wgserver.public_key="{VPN_PUB}" 109 + uci set network.wgserver.endpoint_host="{VPN_SERVER}" 110 + uci set network.wgserver.preshared_key="{VPN_PSK}" 111 + uci set network.wgserver.endpoint_port="{VPN_PORT}" 112 + uci set network.wgserver.persistent_keepalive="25" 113 + uci set network.wgserver.route_allowed_ips="1" 114 + uci add_list network.wgserver.allowed_ips="0.0.0.0/0" 115 + uci add_list network.wgserver.allowed_ips="::/0" 116 + uci commit network 117 +))) 118 + 119 +[[image:image-20231110152109-3.png]] 120 + 121 + 122 +((( 123 +**#reload network service** 124 +))) 125 + 126 +(% class="box infomessage" %) 127 +((( 128 +/etc/init.d/network reload 129 +))) 130 + 131 + 132 +
- image-20240102190036-1.png
-
- Author
-
... ... @@ -1,1 +1,0 @@ 1 -XWiki.Xiaoye - Size
-
... ... @@ -1,1 +1,0 @@ 1 -80.1 KB - Content