From b959528114b1bf46615a9bd45478ebdc32e1dcbd Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Sun, 7 Jul 2019 14:41:56 +0200 Subject: [PATCH] spell korection --- content/post/wireguard-vps-android.md | 34 ++++++++++++++------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/content/post/wireguard-vps-android.md b/content/post/wireguard-vps-android.md index f61ed6d..41e02a6 100644 --- a/content/post/wireguard-vps-android.md +++ b/content/post/wireguard-vps-android.md @@ -1,25 +1,25 @@ +++ title = "Wireguard Gateway & Android" -date = 2019-07-07T02:02:05+02:00 +date = 2019-07-07T14:41:00+02:00 author = "MH" cover = "" tags = ["VPN", "Wireguard", "Android", "Setup"] description = "Setup a Linux Wireguard Gateway and connet with Android" showFullContent = false -draft = true +draft = false +++ # Setup your Linux Server -Your Linux Server should be reachable throu an public via UDP. -If the IP address changes then DynDNS works just fine. +Your Linux server should be accessible via a public IP by UDP. +If the IP address changes, use DynDNS. First **install WireGuard** on your Linux server. On the official website you will find the right way for your Linux distro: [WireGuard.com/install](https://www.wireguard.com/install/) Then **configure** the Gateway. -We will use the 100.64.0.0/10 range (RFC 6598) because it wont colide with private IPv4 adresses (RFC 1918). +We will use the range 100.64.0.0/10 (RFC 6598) because it doesn't colide with private IPv4 adresses (RFC 1918). echo '[Interface]' > /etc/wireguard/wg0.conf echo "PrivateKey = $(wg genkey)" >> /etc/wireguard/wg0.conf @@ -29,11 +29,11 @@ We will use the 100.64.0.0/10 range (RFC 6598) because it wont colide with priva iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE systemctl enable --now wg-quick@wg0 -To get the public key type: +To get the public key (you need it later on): wg pubkey <<<$(grep PrivateKey /etc/wireguard/wg_obermui.conf | cut -d ' ' -f3) -Now the Gateway is configured and running. To get som Information checkout wg and systemd: +Now the gateway is configured and running. To get some information, type in wg and use systemd: systemctl status wg-quick@wg0 wg show @@ -42,26 +42,28 @@ Now the Gateway is configured and running. To get som Information checkout wg an Download the App from [F-Droid](https://f-droid.org/en/packages/com.wireguard.android/) or [Google Play](https://play.google.com/store/apps/details?id=com.wireguard.android). +In WireGuard, you must manually set an IP address for each client. The ``100.64.0.0.0.0/10`` area has hosts from ```100.64.0.1`` to ``100.127.255.254```, the first one is already occupied by the gateway, so we use ```100.64.0.0.2````. -use [ABC].jgp to explane + ![]({{}}img/wireguard-android/A.jpg) | ![]({{}}img/wireguard-android/B.jpg) | ![]({{}}img/wireguard-android/C.jpg) + -------|----------|-------- + Open the app and "Create from scratch" | Generate a key pair. Make a note of the public key, you will need it later. Name the configuration and add the client IP address with 32 mask. | Add a peer. Now enter the gateway information. Allowed IPs is ```0.0.0.0/0```. # Add Android Client to Server +Now add the client information to the gateway and restart the interface. + [Peer] >> /etc/wireguard/wg0.conf PublicKey = >> /etc/wireguard/wg0.conf - AllowedIPs = 100.64.0.101/32 >> /etc/wireguard/wg0.conf + AllowedIPs = 100.64.0.2/32 >> /etc/wireguard/wg0.conf systemctl restart wg-quick@wg0 && ystemctl status wg-quick@wg0 -________________________________ # Sources -look at -https://www.wireguard.com/quickstart/ +[Wireguard Quickstart](https://www.wireguard.com/quickstart/) -use config from ct (heise) -https://www.heise.de/select/ct/2019/5/1551091519824850 +Heise [Besser tunneln](https://www.heise.de/select/ct/2019/5/1551091519824850) -Witepaper https://www.wireguard.com/papers/wireguard.pdf +Witepaper [WireGuard: Next Generation Kernel Network Tunnel](https://www.wireguard.com/papers/wireguard.pdf) -Demo Video https://video.obermui.de/videos/watch/5009724a-a670-4130-bc99-4ab820773da6 +Demo Video [Test WireGuard VPN net roaming](https://video.obermui.de/videos/watch/5009724a-a670-4130-bc99-4ab820773da6)