chuleta_wireguard
#crear pareja de claves wg genkey | tee /etc/wireguard/privatekey | wg pubkey | tee /etc/wireguard/publickey #crear config de servidor # cat /etc/wireguard/wg0.conf [Interface] Address = 10.0.0.1/24 SaveConfig = true ListenPort = 51820 PrivateKey = k0+48PyALsG0TBEY6lvrrZtY/lmezHgn04xPqLMK33s= PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE # arrancar wireguard wg-quick up wg0 # registrar como servicio systemctl enable wg-quick@wg0 # ver estado watch wg show #añadir cliente wg set wg0 peer FTOxio2hvUd9Q3CHJtEIWr267UZLKy3MbJNWDsgLfn8= allowed-ips 10.0.0.11 #eliminar cliente wg set wg0 peer HpO8VDfvmwJj6HlZLfapADU2kll4NTQnM8eJCNfbzUo= remove #config de cliente cat /etc/wireguard/wg0.conf [Interface] PrivateKey = qFbuLCN3nfgh+iSenqfghvtYfv+01hhTyw/ZWBvb1mk= Address = 10.0.0.2 #Table = off # No enrutar [Peer] PublicKey = LbRWuPnfghE1Su3LGe8q5VgXfghkLbY+hdoOSVM0xUY= Endpoint = cloud.laabogados.eu:51820 AllowedIPs = 192.168.123.0/24 # Rango ip accesible desde este cliente
chuleta_wireguard.txt · Last modified: by etfiat