Wireguard » Historique » Révision 5
Révision 4 (sacha, 05/10/2018 11:17) → Révision 5/46 (sacha, 05/10/2018 13:10)
# Wireguard Le VPN Kiss & performant ## Installation https://www.wireguard.com/install/ ## Configuration ### Serveur ~~~ umask 077 wg genkey > /etc/wireguard/private wg genkey | tee /etc/wireguard/private | wg pubkey > /etc/wireguard/publickey wg set wg0 private-key /etc/wireguard/private ip link set wg0 up cat << EOF > /etc/wireguard/wireguard.conf [Interface] ListenPort = 50000 PrivateKey = `cat /etc/wireguard/private` [Peer] PublicKey = Va0X1zOpRc9471Aa3DEUUy7UkAv5aq5SojtIPqOSqwg= AllowedIPs = 10.33.33.0/24 Endpoint = 185.233.100.19:50000 EOF ~~~ ### Client ~~~ umask 077 wg genkey > /etc/wireguard/private wg genkey | tee /etc/wireguard/private | wg pubkey > /etc/wireguard/publickey wg set wg0 private-key /etc/wireguard/private ip link set wg0 up ~~~ ### 1er test: @Sacha's Home (Fibre Bouygues) --> @Hypnos (VM Aquilenet) ~~~ root@hypnos:/etc/wireguard# iperf3 -s ----------------------------------------------------------- Server listening on 5201 ----------------------------------------------------------- Accepted connection from 10.33.33.2, port 60038 [ 5] local 10.33.33.1 port 5201 connected to 10.33.33.2 port 60040 [ ID] Interval Transfer Bandwidth [ 5] 0.00-1.00 sec 15.1 MBytes 127 Mbits/sec [ 5] 1.00-2.00 sec 19.9 MBytes 167 Mbits/sec [ 5] 2.00-3.00 sec 20.1 MBytes 169 Mbits/sec [ 5] 3.00-4.00 sec 20.1 MBytes 169 Mbits/sec [ 5] 4.00-5.00 sec 19.7 MBytes 166 Mbits/sec [ 5] 5.00-6.00 sec 20.0 MBytes 168 Mbits/sec [ 5] 6.00-7.00 sec 20.2 MBytes 169 Mbits/sec [ 5] 7.00-8.00 sec 20.2 MBytes 170 Mbits/sec [ 5] 8.00-9.00 sec 20.1 MBytes 169 Mbits/sec [ 5] 9.00-10.00 sec 20.2 MBytes 169 Mbits/sec [ 5] 10.00-10.03 sec 566 KBytes 165 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth [ 5] 0.00-10.03 sec 0.00 Bytes 0.00 bits/sec sender [ 5] 0.00-10.03 sec 196 MBytes 164 Mbits/sec receiver ----------------------------------------------------------- Server listening on 5201 ----------------------------------------------------------- ~~~ ~~~ root@hypnos:/etc/wireguard# wg interface: wg0 public key: Va0X1zOpRc9471Aa3DEUUy7UkAv5aq5SojtIPqOSqwg= private key: (hidden) listening port: 50000 peer: VEfmgnq/aXPX3qBB7Q2fgxAawQdfUYZDRKEQSPC8tnA= endpoint: 5.51.0.155:3418 allowed ips: 10.33.33.0/24 latest handshake: 4 minutes, 30 seconds ago transfer: 208.75 MiB received, 6.68 MiB sent ~~~ ## InstallDebian sur Apu2 https://blog.pgeiser.com/posts/2017/04/installing-debian-stretch-on-a-machine-without-a-graphic-card/