Changes for page Use Wireguard VPN in Dragino Gateways
Last modified by Xiaoye on 2024/04/19 19:52
Change comment:
There is no comment for this version
Summary
-
Page properties (3 modified, 0 added, 0 removed)
-
Attachments (0 modified, 2 added, 0 removed)
Details
- Page properties
-
- Title
-
... ... @@ -1,1 +1,1 @@ 1 - LoRaWAN Gatewayversion withWireguardSupport1 +Use Wireguard VPN in Dragino Gateways - Author
-
... ... @@ -1,1 +1,1 @@ 1 -XWiki. Xiaoye1 +XWiki.Edwin - Content
-
... ... @@ -1,0 +1,123 @@ 1 +(% class="wikigeneratedid" %) 2 +**Table of Contents:** 3 + 4 +{{toc/}} 5 + 6 + 7 + 8 + 9 += 1. What is Wireguard VPN? = 10 + 11 + 12 + 13 += 2. Configure Wireguard VPN on Gatewaythe LPS8N/DLOS8N/LG308N = 14 + 15 + 16 +== 2.1 For LPS8N/DLOS8N/LG308N == 17 + 18 +Due to the size of Wireguard packages. We didn't add it as a default feature of gateways. If the user wants to use Wireguard Please upgrade your gateway firmware with the special [[firmware>>https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/DLOS8/Firmware/Wireguard-firmware/]]. 19 + 20 + 21 +=== 2.1.1 Configuration via command line === 22 + 23 +==== 2.1.1.1 Key Management ==== 24 + 25 + 26 +**#Generate keys** 27 + 28 +(% class="box infomessage" %) 29 +((( 30 +umask go= 31 + 32 +wg genkey | tee wgserver.key | wg pubkey > wgserver.pub 33 + 34 +wg genkey | tee wgclient.key | wg pubkey > wgclient.pub 35 + 36 +wg genpsk > wgclient.psk 37 +))) 38 + 39 +[[image:image-20231110150147-1.png||height="82" width="566"]] 40 + 41 + 42 +==== 2.1.1.2 Firewall configuration ==== 43 + 44 + 45 +((( 46 +**#Configure firewall** 47 +))) 48 + 49 +(% class="box infomessage" %) 50 +((( 51 +uci del_list firewall.wan.network="vpn" 52 + 53 +uci add_list firewall.wan.network="vpn" 54 + 55 +uci commit firewall 56 +))) 57 + 58 +[[image:image-20231110151524-2.png]] 59 + 60 + 61 +((( 62 +**#Reload firewall** 63 +))) 64 + 65 +(% class="box infomessage" %) 66 +((( 67 +/etc/init.d/firewall 68 +))) 69 + 70 + 71 +==== 2.1.1.3 Network configuration ==== 72 + 73 + 74 +((( 75 +**#Configure network** 76 +))) 77 + 78 +(% class="box infomessage" %) 79 +((( 80 + uci -q delete network.vpn 81 + uci set network.vpn="interface" 82 + uci set network.vpn.proto="wireguard" 83 + uci set network.vpn.private_key="{VPN_KEY}" 84 + uci add_list network.vpn.addresses="{VPN_ADDRESS}" 85 +))) 86 + 87 +[[image:image-20231110152122-4.png]] 88 + 89 + 90 +((( 91 +**#Add VPN peers** 92 +))) 93 + 94 +(% class="box infomessage" %) 95 +((( 96 + uci -q delete network.wgserver 97 + uci set network.wgserver="wireguard_vpn" 98 + uci set network.wgserver.public_key="{VPN_PUB}" 99 + uci set network.wgserver.endpoint_host="{VPN_SERVER}" 100 + uci set network.wgserver.preshared_key="{VPN_PSK}" 101 + uci set network.wgserver.endpoint_port="{VPN_PORT}" 102 + uci set network.wgserver.persistent_keepalive="25" 103 + uci set network.wgserver.route_allowed_ips="1" 104 + uci add_list network.wgserver.allowed_ips="0.0.0.0/0" 105 + uci add_list network.wgserver.allowed_ips="::/0" 106 + uci commit network 107 +))) 108 + 109 +[[image:image-20231110152109-3.png]] 110 + 111 + 112 +((( 113 +**#reload network service** 114 +))) 115 + 116 +(% class="box infomessage" %) 117 +((( 118 +/etc/init.d/network reload 119 +))) 120 + 121 + 122 + 123 +
- image-20231110152109-3.png
-
- Author
-
... ... @@ -1,0 +1,1 @@ 1 +XWiki.Xiaoye - Size
-
... ... @@ -1,0 +1,1 @@ 1 +57.5 KB - Content
- image-20231110152122-4.png
-
- Author
-
... ... @@ -1,0 +1,1 @@ 1 +XWiki.Xiaoye - Size
-
... ... @@ -1,0 +1,1 @@ 1 +33.0 KB - Content