This shows you the differences between two versions of the page.
Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
userdoc:tt_wireguard_vpn [2019/07/03 09:16] abelbeck [WireGuard Remote Peer Configuration] |
userdoc:tt_wireguard_vpn [2019/09/19 11:04] abelbeck [WireGuard Configuration Options] |
!!Note: AstLinux 1.3.6 or later!! supports **Reload WireGuard VPN** | !!Note: AstLinux 1.3.6 or later!! supports **Reload WireGuard VPN** |
| |
| !!Note: AstLinux 1.3.7 or later!! supports **WG->Local** firewall rules |
===== WireGuard Initial Configuration ===== | ===== WireGuard Initial Configuration ===== |
| |
* Redirect Ports: Choose pre-defined UDP ports on the external interface to redirect to the "UDP Listen Port". This is useful when a remote client using public WiFi with restrictive outbound port filtering can use alternate outbound ports to the standard WireGuard VPN endpoint. {{:userdoc:wireguard-vpn-firewall-redirect-ports.png?nolink|WireGuard VPN Firewall Redirect Ports}} | * Redirect Ports: Choose pre-defined UDP ports on the external interface to redirect to the "UDP Listen Port". This is useful when a remote client using public WiFi with restrictive outbound port filtering can use alternate outbound ports to the standard WireGuard VPN endpoint. {{:userdoc:wireguard-vpn-firewall-redirect-ports.png?nolink|WireGuard VPN Firewall Redirect Ports}} |
* Peer Isolation: Choose to "Pass" or "Deny" Peer->Peer traffic. "Deny" isolates connected peers, blocking access with each other. | * Peer Isolation: Choose to "Pass" or "Deny" Peer->Peer traffic. "Deny" isolates connected peers, blocking access with each other. |
| |
| {{:userdoc:wireguard-vpn-firewall-wg-local.png?nolink|WireGuard VPN Firewall WG->Local}} |
| |
{{:userdoc:wireguard-vpn-public-key.png?nolink|WireGuard VPN Public Key}} | {{:userdoc:wireguard-vpn-public-key.png?nolink|WireGuard VPN Public Key}} |