Cloud VPN for your allstar node..and more!
ฝัง
- เผยแพร่เมื่อ 3 ต.ค. 2024
- Setting up cloud vpn
01) update all
apt update && apt upgrade -y
01a) reboot
02) enable ip forwarding
nano /etc/sysctl.conf
03) Make changes take affect
sysctl -p
03) install wireguard
apt install wireguard -y
04) change to wg directory
cd /etc/wireguard
05) generate keys
umask 077; wg genkey | tee privatekey | wg pubkey GREATER THAN ARROW publickey
06) see and copy server private key
cat privatekey
07) put in our config file
nano /etc/wireguard/wg0.conf
08) add this to wg0.conf and edit key and address
[Interface]
PrivateKey = XXXXXXXXXXXXXXXXXXXXX
Address = 10.10.10.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
09) control + x then y then enter
10) Enable auto start after boot
systemctl enable wg-quick@wg0
11) start wireguard
systemctl enable wg-quick@wg0
12) configure client
13) finish server config
nano /etc/wireguard/wg0.conf--------------------------FINISH
14) setup ufw
apt install ufw
ufw allow 22/tcp
ufw allow 51820/udp
15) restart ufw
ufw disable
ufw enable
16) check wireguard status
wg show
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Setting up hamvoip vpn client
01) Login and option 9 to bash shell
02) install wirgeguard
pacman -Syu hamvoip-wireguard
03) generate keys
wg genkey | sudo tee /etc/wireguard/client_private.key | wg pubkey | sudo tee /etc/wireguard/client_public.key
04) copy keys to notepad
cat /etc/wireguard/client_private.key
cat /etc/wireguard/client_public.key
05) setup wg0.conf file
nano /etc/wireguard/wg0.conf
[Interface]
Address = 10.10.10.2/24 -------change to match last digit
DNS = 8.8.8.8
PrivateKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" ---------------change to private key of client
[Peer]
PublicKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" ----------change to public key of server
AllowedIPs = 0.0.0.0/0
Endpoint = xx.xx.xx.xx:51820 --------Change X to your PUBLIC IP of server
PersistentKeepalive = 25
06) Start wireguard
sudo systemctl start wg-quick@wg0.service
07) Enable on boot
sudo systemctl enable wg-quick@wg0.service
07a) do a reload of wireguard
wg-quick down wg0
wg-quick up wg0
08) After server setup, check wireguard status
systemctl status wg-quick@wg0.service
and "wg show"
09) confirm allstar now has your SERVER PUBLIC ip address
host myip.opendns.com resolver1.opendns.com | grep "myip.opendns.com has"
Should return the public ip of your server and NOT your home ip.
Link to instructions. I HAVE NO AFFILLIATION WITH THIS!
basedatahub.co...