Changes for page Use Wireguard VPN in Dragino Gateways
Last modified by Xiaoye on 2024/04/19 19:52
Summary
-
Page properties (1 modified, 0 added, 0 removed)
-
Attachments (0 modified, 0 added, 1 removed)
Details
- Page properties
-
- Content
-
... ... @@ -1,110 +1,0 @@ 1 -= How to configure Wireguard on the LPS8N/DLOS8N/LG308N = 2 - 3 - 4 -Due to the size of OpenVPN packages. We didn't add it as a default feature of gateways. If user want to use Wireguard Please upgrade your gateway firmware with the special [[firmware>>https://www.dragino.com/downloads/index.php?dir=LoRa_Gateway/DLOS8/Firmware/Wireguard-firmware/]]. 5 - 6 -== **1. Configuration via command line** == 7 - 8 -=== 1.1 Key Management === 9 - 10 -#Generate keys 11 - 12 -(% class="box infomessage" %) 13 -((( 14 -umask go= 15 - 16 -wg genkey | tee wgserver.key | wg pubkey > wgserver.pub 17 - 18 -wg genkey | tee wgclient.key | wg pubkey > wgclient.pub 19 - 20 -wg genpsk > wgclient.psk 21 -))) 22 - 23 -[[image:image-20231110150147-1.png||height="82" width="566"]] 24 - 25 - 26 -=== 1.2 Firewall configuration === 27 - 28 -((( 29 -#Configure firewall 30 -))) 31 - 32 -((( 33 - 34 -))) 35 - 36 -(% class="box infomessage" %) 37 -((( 38 -uci del_list firewall.wan.network="vpn" 39 - 40 -uci add_list firewall.wan.network="vpn" 41 - 42 -uci commit firewall 43 -))) 44 - 45 -[[image:image-20231110151524-2.png]] 46 - 47 - 48 -((( 49 -#Reload firewall 50 -))) 51 - 52 -(% class="box infomessage" %) 53 -((( 54 -/etc/init.d/firewall 55 -))) 56 - 57 - 58 -=== 1.3. Network configuration === 59 - 60 -((( 61 -#Configure network 62 -))) 63 - 64 - 65 -(% class="box infomessage" %) 66 -((( 67 - uci -q delete network.vpn 68 - uci set network.vpn="interface" 69 - uci set network.vpn.proto="wireguard" 70 - uci set network.vpn.private_key="{VPN_KEY}" 71 - uci add_list network.vpn.addresses="{VPN_ADDRESS}" 72 -))) 73 - 74 -[[image:image-20231110152122-4.png]] 75 - 76 - 77 -((( 78 -#Add VPN peers 79 -))) 80 - 81 -(% class="box infomessage" %) 82 -((( 83 - uci -q delete network.wgserver 84 - uci set network.wgserver="wireguard_vpn" 85 - uci set network.wgserver.public_key="{VPN_PUB}" 86 - uci set network.wgserver.endpoint_host="{VPN_SERVER}" 87 - uci set network.wgserver.preshared_key="{VPN_PSK}" 88 - uci set network.wgserver.endpoint_port="{VPN_PORT}" 89 - uci set network.wgserver.persistent_keepalive="25" 90 - uci set network.wgserver.route_allowed_ips="1" 91 - uci add_list network.wgserver.allowed_ips="0.0.0.0/0" 92 - uci add_list network.wgserver.allowed_ips="::/0" 93 - uci commit network 94 -))) 95 - 96 -[[image:image-20231110152109-3.png]] 97 - 98 - 99 -((( 100 -#reload network service 101 -))) 102 - 103 -(% class="box infomessage" %) 104 -((( 105 -/etc/init.d/network reload 106 -))) 107 - 108 - 109 - 110 -
- image-20231110152122-4.png
-
- Author
-
... ... @@ -1,1 +1,0 @@ 1 -XWiki.Xiaoye - Size
-
... ... @@ -1,1 +1,0 @@ 1 -33.0 KB - Content