update
This commit is contained in:
parent
1b1afd1a2a
commit
6b8b9f8c5f
|
@ -98,7 +98,8 @@ This configuration when run creates a new `wg0` network interface on the machine
|
|||
will be used to encrypt packets
|
||||
* **\# PublicKey** - just a note, what is the public key of the private key
|
||||
* **Address** - IP address on the created wg0 network interface,
|
||||
`/24` defines its mask as `255.255.255.0`
|
||||
can be whatever you want as long as it does not clash with other networks.
|
||||
`/24` defines the mask as `255.255.255.0`
|
||||
* **ListenPort** - port on which wireguard connects to the internet, using UDP protocol
|
||||
* **PostUp/PostDown** - section where one can define what should be done after
|
||||
the interface is turned on or off.<br>
|
||||
|
@ -106,12 +107,13 @@ This configuration when run creates a new `wg0` network interface on the machine
|
|||
which you want to replace with your own<br>
|
||||
This setup ipv4 only
|
||||
|
||||
**[Peer]** - section defining a peers
|
||||
**[Peer]** - section defining a peers that will be able to connect
|
||||
* **PublicKey** - public key of the peer
|
||||
* **AllowedIPs** - IP addresses that you want to reach at the other end of the tunnel.<br>
|
||||
When `wg-quick` is run with these defined, a route is added in to the network stack
|
||||
that makes sure that if something wants IP address defined here, it is send to `wg0`.<br>
|
||||
Two peers can not have same IP set in there.<br>
|
||||
When `wg-quick` is run with these defined, a route is added in to the machines
|
||||
network stack that makes sure that if something wants IP address defined here,
|
||||
it is send to `wg0`.<br>
|
||||
Two peers can not have the same IP.<br>
|
||||
In this case we want to define only single IP of the client as being accessible, allowed through.
|
||||
|
||||
### Start and enable the service
|
||||
|
@ -151,7 +153,7 @@ Endpoint = 63.123.113.495:51820
|
|||
Two peers can not have same IP set in there.<br>
|
||||
In this client case, we want to be able to communicate with the wireguard server,
|
||||
so its IP is added, but also the entire local network at the end of the tunnel,
|
||||
so its entire range is added.
|
||||
so the entire range is added.
|
||||
* **Endpoint** - public IP at which to find the WireGuard server across the internet
|
||||
|
||||
![windows-client](https://i.imgur.com/T5oA2No.png)
|
||||
|
@ -178,8 +180,8 @@ The generated crypto keys are used all over in configuration.
|
|||
Would it not be nice if at a simple glance
|
||||
you would immediatly know which peer they represent?
|
||||
|
||||
Well, what if you generate few millions of keys and pick ones that fit some rule
|
||||
of having a desired string somewhere in the first 10 letters?
|
||||
Well, what if you generate few millions of keys and pick the ones
|
||||
that fit some rule of having a desired string somewhere in the first letters?
|
||||
|
||||
[https://github.com/warner/wireguard-vanity-address](https://github.com/warner/wireguard-vanity-address)
|
||||
|
||||
|
|
Loading…
Reference in New Issue