Wiki source code of LoRaWAN Gateway version with Wireguard Support
Show last authors
| author | version | line-number | content |
|---|---|---|---|
| 1 | = How to configure Wireguard on the LPS8N/DLOS8N/LG308N = | ||
| 2 | |||
| 3 | == **1. Configuration via command line** == | ||
| 4 | |||
| 5 | === 1.1 Key Management === | ||
| 6 | |||
| 7 | #Generate keys | ||
| 8 | |||
| 9 | (% class="box infomessage" %) | ||
| 10 | ((( | ||
| 11 | umask go= | ||
| 12 | |||
| 13 | wg genkey | tee wgserver.key | wg pubkey > wgserver.pub | ||
| 14 | |||
| 15 | wg genkey | tee wgclient.key | wg pubkey > wgclient.pub | ||
| 16 | |||
| 17 | wg genpsk > wgclient.psk | ||
| 18 | ))) | ||
| 19 | |||
| 20 | [[image:image-20231110150147-1.png||height="82" width="566"]] | ||
| 21 | |||
| 22 | |||
| 23 | === 1.2 Firewall configuration === | ||
| 24 | |||
| 25 | ((( | ||
| 26 | #Configure firewall | ||
| 27 | ))) | ||
| 28 | |||
| 29 | ((( | ||
| 30 | |||
| 31 | ))) | ||
| 32 | |||
| 33 | (% class="box infomessage" %) | ||
| 34 | ((( | ||
| 35 | uci del_list firewall.wan.network="vpn" | ||
| 36 | |||
| 37 | uci add_list firewall.wan.network="vpn" | ||
| 38 | |||
| 39 | uci commit firewall | ||
| 40 | ))) | ||
| 41 | |||
| 42 | [[image:image-20231110151524-2.png]] | ||
| 43 | |||
| 44 | |||
| 45 | ((( | ||
| 46 | #Reload firewall | ||
| 47 | ))) | ||
| 48 | |||
| 49 | (% class="box infomessage" %) | ||
| 50 | ((( | ||
| 51 | /etc/init.d/firewall | ||
| 52 | ))) | ||
| 53 | |||
| 54 | |||
| 55 | === 1.3. Network configuration === | ||
| 56 | |||
| 57 | ((( | ||
| 58 | #Configure network | ||
| 59 | ))) | ||
| 60 | |||
| 61 | |||
| 62 | (% class="box infomessage" %) | ||
| 63 | ((( | ||
| 64 | uci -q delete network.vpn | ||
| 65 | uci set network.vpn="interface" | ||
| 66 | uci set network.vpn.proto="wireguard" | ||
| 67 | uci set network.vpn.private_key="{VPN_KEY}" | ||
| 68 | uci add_list network.vpn.addresses="{VPN_ADDRESS}" | ||
| 69 | ))) | ||
| 70 | |||
| 71 | [[image:image-20231110152122-4.png]] | ||
| 72 | |||
| 73 | |||
| 74 | ((( | ||
| 75 | #Add VPN peers | ||
| 76 | ))) | ||
| 77 | |||
| 78 | (% class="box infomessage" %) | ||
| 79 | ((( | ||
| 80 | uci -q delete network.wgserver | ||
| 81 | uci set network.wgserver="wireguard_vpn" | ||
| 82 | uci set network.wgserver.public_key="{VPN_PUB}" | ||
| 83 | uci set network.wgserver.endpoint_host="{VPN_SERVER}" | ||
| 84 | uci set network.wgserver.preshared_key="{VPN_PSK}" | ||
| 85 | uci set network.wgserver.endpoint_port="{VPN_PORT}" | ||
| 86 | uci set network.wgserver.persistent_keepalive="25" | ||
| 87 | uci set network.wgserver.route_allowed_ips="1" | ||
| 88 | uci add_list network.wgserver.allowed_ips="0.0.0.0/0" | ||
| 89 | uci add_list network.wgserver.allowed_ips="::/0" | ||
| 90 | uci commit network | ||
| 91 | ))) | ||
| 92 | |||
| 93 | [[image:image-20231110152109-3.png]] | ||
| 94 | |||
| 95 | |||
| 96 | ((( | ||
| 97 | #reload network service | ||
| 98 | ))) | ||
| 99 | |||
| 100 | (% class="box infomessage" %) | ||
| 101 | ((( | ||
| 102 | /etc/init.d/network reload | ||
| 103 | ))) | ||
| 104 | |||
| 105 | |||
| 106 | |||
| 107 |