spell korection

This commit is contained in:
6543 2019-07-07 14:41:56 +02:00
parent ae35e1faae
commit b959528114

View File

@ -1,25 +1,25 @@
+++
title = "Wireguard Gateway & Android"
date = 2019-07-07T02:02:05+02:00
date = 2019-07-07T14:41:00+02:00
author = "MH"
cover = ""
tags = ["VPN", "Wireguard", "Android", "Setup"]
description = "Setup a Linux Wireguard Gateway and connet with Android"
showFullContent = false
draft = true
draft = false
+++

# Setup your Linux Server

Your Linux Server should be reachable throu an public via UDP.
If the IP address changes then DynDNS works just fine.
Your Linux server should be accessible via a public IP by UDP.
If the IP address changes, use DynDNS.

First **install WireGuard** on your Linux server. On the official website you will find
the right way for your Linux distro:
[WireGuard.com/install](https://www.wireguard.com/install/)

Then **configure** the Gateway.
We will use the 100.64.0.0/10 range (RFC 6598) because it wont colide with private IPv4 adresses (RFC 1918).
We will use the range 100.64.0.0/10 (RFC 6598) because it doesn't colide with private IPv4 adresses (RFC 1918).

echo '[Interface]' > /etc/wireguard/wg0.conf
echo "PrivateKey = $(wg genkey)" >> /etc/wireguard/wg0.conf
@ -29,11 +29,11 @@ We will use the 100.64.0.0/10 range (RFC 6598) because it wont colide with priva
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE
systemctl enable --now wg-quick@wg0

To get the public key type:
To get the public key (you need it later on):

wg pubkey <<<$(grep PrivateKey /etc/wireguard/wg_obermui.conf | cut -d ' ' -f3)

Now the Gateway is configured and running. To get som Information checkout wg and systemd:
Now the gateway is configured and running. To get some information, type in wg and use systemd:

systemctl status wg-quick@wg0
wg show
@ -42,26 +42,28 @@ Now the Gateway is configured and running. To get som Information checkout wg an

Download the App from [F-Droid](https://f-droid.org/en/packages/com.wireguard.android/) or [Google Play](https://play.google.com/store/apps/details?id=com.wireguard.android).

In WireGuard, you must manually set an IP address for each client. The ``100.64.0.0.0.0/10`` area has hosts from ```100.64.0.1`` to ``100.127.255.254```, the first one is already occupied by the gateway, so we use ```100.64.0.0.2````.

use [ABC].jgp to explane
![]({{<siteurl>}}img/wireguard-android/A.jpg) | ![]({{<siteurl>}}img/wireguard-android/B.jpg) | ![]({{<siteurl>}}img/wireguard-android/C.jpg)
-------|----------|--------
Open the app and "Create from scratch" | Generate a key pair. Make a note of the public key, you will need it later. Name the configuration and add the client IP address with 32 mask. | Add a peer. Now enter the gateway information. Allowed IPs is ```0.0.0.0/0```.

# Add Android Client to Server

Now add the client information to the gateway and restart the interface.

[Peer] >> /etc/wireguard/wg0.conf
PublicKey = <Client-Pub-Key> >> /etc/wireguard/wg0.conf
AllowedIPs = 100.64.0.101/32 >> /etc/wireguard/wg0.conf
AllowedIPs = 100.64.0.2/32 >> /etc/wireguard/wg0.conf

systemctl restart wg-quick@wg0 && ystemctl status wg-quick@wg0

________________________________

# Sources
look at
https://www.wireguard.com/quickstart/
[Wireguard Quickstart](https://www.wireguard.com/quickstart/)

use config from ct (heise)
https://www.heise.de/select/ct/2019/5/1551091519824850
Heise [Besser tunneln](https://www.heise.de/select/ct/2019/5/1551091519824850)

Witepaper https://www.wireguard.com/papers/wireguard.pdf
Witepaper [WireGuard: Next Generation Kernel Network Tunnel](https://www.wireguard.com/papers/wireguard.pdf)

Demo Video https://video.obermui.de/videos/watch/5009724a-a670-4130-bc99-4ab820773da6
Demo Video [Test WireGuard VPN net roaming](https://video.obermui.de/videos/watch/5009724a-a670-4130-bc99-4ab820773da6)