Wireguard » Historique » Version 2
sacha, 05/10/2018 11:11
| 1 | 1 | sacha | # Wireguard |
|---|---|---|---|
| 2 | |||
| 3 | Le VPN Kiss & performant |
||
| 4 | |||
| 5 | ## Installation |
||
| 6 | |||
| 7 | https://www.wireguard.com/install/ |
||
| 8 | |||
| 9 | ## Configuration |
||
| 10 | |||
| 11 | ### Serveur |
||
| 12 | |||
| 13 | ~~~ |
||
| 14 | umask 077 |
||
| 15 | wg genkey > /etc/wireguard/private |
||
| 16 | wg genkey | tee /etc/wireguard/private | wg pubkey > /etc/wireguard/publickey |
||
| 17 | wg set wg0 private-key /etc/wireguard/private |
||
| 18 | ip link set wg0 up |
||
| 19 | |||
| 20 | cat << EOF > /etc/wireguard/wireguard.conf |
||
| 21 | [Interface] |
||
| 22 | ListenPort = 50000 |
||
| 23 | PrivateKey = `cat /etc/wireguard/private` |
||
| 24 | |||
| 25 | [Peer] |
||
| 26 | PublicKey = Va0X1zOpRc9471Aa3DEUUy7UkAv5aq5SojtIPqOSqwg= |
||
| 27 | AllowedIPs = 10.33.33.0/24 |
||
| 28 | Endpoint = 185.233.100.19:50000 |
||
| 29 | EOF |
||
| 30 | |||
| 31 | ~~~ |
||
| 32 | |||
| 33 | ### Client |
||
| 34 | |||
| 35 | ~~~ |
||
| 36 | umask 077 |
||
| 37 | wg genkey > /etc/wireguard/private |
||
| 38 | wg genkey | tee /etc/wireguard/private | wg pubkey > /etc/wireguard/publickey |
||
| 39 | wg set wg0 private-key /etc/wireguard/private |
||
| 40 | ip link set wg0 up |
||
| 41 | ~~~ |
||
| 42 | 2 | sacha | |
| 43 | |||
| 44 | ~~~ |
||
| 45 | |||
| 46 | root@hypnos:/etc/wireguard# iperf3 -s |
||
| 47 | ----------------------------------------------------------- |
||
| 48 | Server listening on 5201 |
||
| 49 | ----------------------------------------------------------- |
||
| 50 | Accepted connection from 10.33.33.2, port 60038 |
||
| 51 | [ 5] local 10.33.33.1 port 5201 connected to 10.33.33.2 port 60040 |
||
| 52 | [ ID] Interval Transfer Bandwidth |
||
| 53 | [ 5] 0.00-1.00 sec 15.1 MBytes 127 Mbits/sec |
||
| 54 | [ 5] 1.00-2.00 sec 19.9 MBytes 167 Mbits/sec |
||
| 55 | [ 5] 2.00-3.00 sec 20.1 MBytes 169 Mbits/sec |
||
| 56 | [ 5] 3.00-4.00 sec 20.1 MBytes 169 Mbits/sec |
||
| 57 | [ 5] 4.00-5.00 sec 19.7 MBytes 166 Mbits/sec |
||
| 58 | [ 5] 5.00-6.00 sec 20.0 MBytes 168 Mbits/sec |
||
| 59 | [ 5] 6.00-7.00 sec 20.2 MBytes 169 Mbits/sec |
||
| 60 | [ 5] 7.00-8.00 sec 20.2 MBytes 170 Mbits/sec |
||
| 61 | [ 5] 8.00-9.00 sec 20.1 MBytes 169 Mbits/sec |
||
| 62 | [ 5] 9.00-10.00 sec 20.2 MBytes 169 Mbits/sec |
||
| 63 | [ 5] 10.00-10.03 sec 566 KBytes 165 Mbits/sec |
||
| 64 | - - - - - - - - - - - - - - - - - - - - - - - - - |
||
| 65 | [ ID] Interval Transfer Bandwidth |
||
| 66 | [ 5] 0.00-10.03 sec 0.00 Bytes 0.00 bits/sec sender |
||
| 67 | [ 5] 0.00-10.03 sec 196 MBytes 164 Mbits/sec receiver |
||
| 68 | ----------------------------------------------------------- |
||
| 69 | Server listening on 5201 |
||
| 70 | ----------------------------------------------------------- |
||
| 71 | ~~~ |
||
| 72 | |||
| 73 | |||
| 74 | ~~~ |
||
| 75 | root@hypnos:/etc/wireguard# wg |
||
| 76 | interface: wg0 |
||
| 77 | public key: Va0X1zOpRc9471Aa3DEUUy7UkAv5aq5SojtIPqOSqwg= |
||
| 78 | private key: (hidden) |
||
| 79 | listening port: 50000 |
||
| 80 | |||
| 81 | peer: VEfmgnq/aXPX3qBB7Q2fgxAawQdfUYZDRKEQSPC8tnA= |
||
| 82 | endpoint: 5.51.0.155:3418 |
||
| 83 | allowed ips: 10.33.33.0/24 |
||
| 84 | latest handshake: 4 minutes, 30 seconds ago |
||
| 85 | transfer: 208.75 MiB received, 6.68 MiB sent |
||
| 86 | ~~~ |