Skip to Content
Last modified by Xiaoye on 2024/04/19 19:52
From version 23.1
edited by Xiaoye
on 2024/01/03 10:02
Change comment: There is no comment for this version
To version 13.1
edited by Edwin Chen
on 2023/11/21 16:06
Change comment: There is no comment for this version

Summary

Details

Page properties
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.Xiaoye
1 +XWiki.Edwin
Content
... ... @@ -19,13 +19,7 @@
19 19  
20 20  = 2. Run WireGuard VPN in PC =
21 21  
22 -There are many methods to install and set WireGuard server. Below is an example for reference to set up WireGuard Server in Windows.
23 23  
24 -**Video Instruction**: [[Install WireGuard Server in Windows>>https://www.youtube.com/watch?v=1AWVvW5oJtU]].
25 -
26 -For other OS and methods, please search Google for more.
27 -
28 -
29 29  = 3. Configure Wireguard VPN on Gatewaythe LPS8N/DLOS8N/LG308N =
30 30  
31 31  == 3.1 For LPS8N/DLOS8N/LG308N ==
... ... @@ -34,51 +34,105 @@
34 34  Due to the size of Wireguard packages. We didn't add it as a default feature of gateways. If the user wants to use Wireguard Please upgrade your gateway firmware with the special [[firmware>>https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/DLOS8/Firmware/Wireguard-firmware/]].
35 35  
36 36  
37 -=== 1.) Preparation ===
31 +=== 3.1.1 Configuration via command line ===
38 38  
39 -* **Prepare WireGuard server public key, IP address, port, and peer address.**
33 +==== 3.1.1.1 Key Management ====
40 40  
41 41  
36 +**#Generate keys**
42 42  
43 -=== 2.) Steup WireGuard ===
38 +(% class="box infomessage" %)
39 +(((
40 +umask go=
44 44  
42 +wg genkey | tee wgserver.key | wg pubkey > wgserver.pub
45 45  
46 -* **Accessing the gateway's WireGuard page**
44 +wg genkey | tee wgclient.key | wg pubkey > wgclient.pub
47 47  
48 -[[image:image-20240103094049-2.png||height="437" width="915"]]
46 +wg genpsk > wgclient.psk
47 +)))
49 49  
49 +[[image:image-20231110150147-1.png||height="82" width="566"]]
50 50  
51 -* **Add the gateway's public key to the server and assign the peer address.**
52 52  
53 -[[image:image-20240103094832-3.png||height="545" width="912"]]
52 +==== 3.1.1.2 Firewall configuration ====
54 54  
55 55  
56 -* **Fill in the parameters of the WireGuard server**
55 +(((
56 +**#Configure firewall**
57 +)))
57 57  
58 -[[image:image-20240103095200-4.png||height="642" width="929"]]
59 +(% class="box infomessage" %)
60 +(((
61 +uci del_list firewall.wan.network="vpn"
59 59  
60 -=== 3. Testing ===
63 +uci add_list firewall.wan.network="vpn"
61 61  
65 +uci commit firewall
66 +)))
62 62  
63 -* **Ping Client Peer Address**
68 +[[image:image-20231110151524-2.png]]
64 64  
65 -[[image:image-20240103095549-5.png||height="405" width="928"]]
66 66  
71 +(((
72 +**#Reload firewall**
73 +)))
67 67  
68 -* **Access Gateway WebUI via Client Peer Address**
75 +(% class="box infomessage" %)
76 +(((
77 +/etc/init.d/firewall
78 +)))
69 69  
70 -[[image:image-20240103095756-6.png||height="488" width="933"]]
71 71  
81 +==== 3.1.1.3 Network configuration ====
72 72  
73 -=== 4. Troubleshooting ===
74 74  
75 -* **Unable to ping client**
84 +(((
85 +**#Configure network**
86 +)))
76 76  
77 - Please check if the client and server are on the same Network
88 +(% class="box infomessage" %)
89 +(((
90 + uci -q delete network.vpn
91 + uci set network.vpn="interface"
92 + uci set network.vpn.proto="wireguard"
93 + uci set network.vpn.private_key="{VPN_KEY}"
94 + uci add_list network.vpn.addresses="{VPN_ADDRESS}"
95 +)))
78 78  
97 +[[image:image-20231110152122-4.png]]
79 79  
80 80  
81 -=== ===
100 +(((
101 +**#Add VPN peers**
102 +)))
82 82  
104 +(% class="box infomessage" %)
105 +(((
106 + uci -q delete network.wgserver
107 + uci set network.wgserver="wireguard_vpn"
108 + uci set network.wgserver.public_key="{VPN_PUB}"
109 + uci set network.wgserver.endpoint_host="{VPN_SERVER}"
110 + uci set network.wgserver.preshared_key="{VPN_PSK}"
111 + uci set network.wgserver.endpoint_port="{VPN_PORT}"
112 + uci set network.wgserver.persistent_keepalive="25"
113 + uci set network.wgserver.route_allowed_ips="1"
114 + uci add_list network.wgserver.allowed_ips="0.0.0.0/0"
115 + uci add_list network.wgserver.allowed_ips="::/0"
116 + uci commit network
117 +)))
83 83  
84 -
119 +[[image:image-20231110152109-3.png]]
120 +
121 +
122 +(((
123 +**#reload network service**
124 +)))
125 +
126 +(% class="box infomessage" %)
127 +(((
128 +/etc/init.d/network reload
129 +)))
130 +
131 +
132 +
image-20240102190036-1.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoye
Size
... ... @@ -1,1 +1,0 @@
1 -80.1 KB
Content
image-20240103093849-1.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoye
Size
... ... @@ -1,1 +1,0 @@
1 -62.7 KB
Content
image-20240103094049-2.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoye
Size
... ... @@ -1,1 +1,0 @@
1 -62.9 KB
Content
image-20240103094832-3.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoye
Size
... ... @@ -1,1 +1,0 @@
1 -100.1 KB
Content
image-20240103095200-4.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoye
Size
... ... @@ -1,1 +1,0 @@
1 -82.2 KB
Content
image-20240103095549-5.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoye
Size
... ... @@ -1,1 +1,0 @@
1 -31.5 KB
Content
image-20240103095756-6.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoye
Size
... ... @@ -1,1 +1,0 @@
1 -562.0 KB
Content