Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
userdoc:tt_wireguard_vpn [2018/12/01 10:50] abelbeck [WireGuard Configuration Options] |
userdoc:tt_wireguard_vpn [2018/12/07 09:25] abelbeck [WireGuard Mobile Client Configuration] |
Check "WireGuard VPN" and click on **WireGuard Configuration** | Check "WireGuard VPN" and click on **WireGuard Configuration** |
| |
{{:userdoc:wireguard-vpn-initial-config.jpg?nolink|WireGuard VPN Initial Config}} | {{:userdoc:wireguard-vpn-initial-config.png?nolink|WireGuard VPN Initial Config}} |
| |
Fill in the "IPv4 Address", click "Save Settings" and then "Restart VPN". | Fill in the "IPv4 Address", click "Save Settings" and then "Restart VPN". |
[Remote_Config] | [Remote_Config] |
Address = 10.4.0.137/24 | Address = 10.4.0.137/24 |
DNS = 192.168.101.1 | DNS = 10.4.0.10 |
| |
* The ''[Peer]'' section defines the AstLinux WireGuard configuration, and should not ever be edited. | * The ''[Peer]'' section defines the AstLinux WireGuard configuration, and should not ever be edited. |
===== WireGuard Configuration Options ===== | ===== WireGuard Configuration Options ===== |
| |
{{:userdoc:wireguard-vpn-tunnel.jpg?nolink|WireGuard VPN Tunnel Options}} | {{:userdoc:wireguard-vpn-tunnel.png?nolink|WireGuard VPN Tunnel Options}} |
| |
* IPv4 Address: Define an IPv4 address which configures the WireGuard tunnel device ''wg0'' network. Required. | * IPv4 Address: Define an IPv4 address which configures the WireGuard tunnel device ''wg0'' network. Required. |
!!Note ->!! If an ''AllowedIPs'' entry specifies a ''/0'' default route, no automatic route will be created for that entry. | !!Note ->!! If an ''AllowedIPs'' entry specifies a ''/0'' default route, no automatic route will be created for that entry. |
| |
{{:userdoc:wireguard-vpn-interface.jpg?nolink|WireGuard VPN Interface Options}} | {{:userdoc:wireguard-vpn-interface.png?nolink|WireGuard VPN Interface Options}} |
| |
* Interface Device: Set the tunnel interface device, currently only ''wg0'' is shown. | * Interface Device: Set the tunnel interface device, currently only ''wg0'' is shown. |
* Peer Isolation: Choose to "Pass" or "Deny" Peer->Peer traffic. "Deny" isolates connected peers, blocking access with each other. | * Peer Isolation: Choose to "Pass" or "Deny" Peer->Peer traffic. "Deny" isolates connected peers, blocking access with each other. |
| |
{{:userdoc:wireguard-vpn-public-key.jpg?nolink|WireGuard VPN Public Key}} | {{:userdoc:wireguard-vpn-public-key.png?nolink|WireGuard VPN Public Key}} |
| |
When WireGuard VPN is active, a "This Peer's Public Key:" entry is shown, for easy copy/paste to remote peer configurations | When WireGuard VPN is active, a "This Peer's Public Key:" entry is shown, for easy copy/paste to remote peer configurations |