Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
userdoc:tt_wireguard_vpn [2019/07/03 09:07] abelbeck [WireGuard VPN Configuration] |
userdoc:tt_wireguard_vpn [2020/03/30 09:33] abelbeck [WireGuard VPN Configuration] |
||
---|---|---|---|
Line 3: | Line 3: | ||
AstLinux now supports the [[https:// | AstLinux now supports the [[https:// | ||
- | !!Info ->!! Currently (November 2018) WireGuard | + | !!Info ->!! Currently (March 2020) WireGuard |
!!Note: AstLinux 1.3.2 or later is required, new features with 1.3.5 or later!! | !!Note: AstLinux 1.3.2 or later is required, new features with 1.3.5 or later!! | ||
Line 9: | Line 9: | ||
!!Note: AstLinux 1.3.6 or later!! supports **Reload WireGuard VPN** | !!Note: AstLinux 1.3.6 or later!! supports **Reload WireGuard VPN** | ||
+ | !!Note: AstLinux 1.3.7 or later!! supports **WG-> | ||
===== WireGuard Initial Configuration ===== | ===== WireGuard Initial Configuration ===== | ||
Line 135: | Line 136: | ||
{{: | {{: | ||
+ | |||
+ | !!Note: AstLinux 1.3.6 or later!! supports **Reload WireGuard VPN** for those situations when only peers are edited, added or removed. | ||
+ | |||
+ | If Tunnel/ | ||
+ | |||
===== WireGuard Configuration Options ===== | ===== WireGuard Configuration Options ===== | ||
Line 174: | Line 180: | ||
* Peer Isolation: | * Peer Isolation: | ||
+ | !!Note: AstLinux 1.3.7 or later!! supports **WG-> | ||
+ | |||
+ | {{: | ||
+ | |||
+ | * Firewall Rules: Choose either "Deny WG-> | ||
+ | |||
+ | !!Important ->!! The default policy is to allow all **WG-> | ||
+ | |||
+ | ICMP Echo Request (ping) packets are allowed and rate-limited for **WG-> | ||
+ | |||
+ | * TCP: Define '' | ||
+ | * UDP: Define '' | ||
+ | |||
+ | !!Tip ->!! Allow SSH and DNS traffic, deny all other traffic ... choose "Pass WG-> | ||
+ | |||
+ | !!Tip ->!! Deny HTTP/HTTPS traffic, allow all other traffic ... choose "Deny WG-> | ||
+ | |||
+ | !!Tip ->!! Click on the blue '' | ||
+ | |||
+ | \\ | ||
{{: | {{: | ||
- | When WireGuard VPN is active, a "This Peer's Public Key:" entry is shown, for easy copy/paste to remote peer configurations | + | When WireGuard VPN is active, a "This Peer's Public Key:" entry is shown, for easy copy/paste to remote peer configurations. |
- | . | + | |
===== Enable Firewall ===== | ===== Enable Firewall ===== | ||
Line 229: | Line 255: | ||
===== WireGuard Client Support ===== | ===== WireGuard Client Support ===== | ||
- | WireGuard is now available for [[https:// | + | WireGuard is now available for [[https:// |
+ | |||
+ | Each client is open source and free to use. | ||
\\ | \\ |