wg安装
Centos8
$ sudo yum install elrepo-release epel-release
$ sudo yum install kmod-wireguard wireguard-tools
Centos7
$ sudo yum install epel-release https://www.elrepo.org/elrepo-release-7.el7.elrepo.noarch.rpm
$ sudo yum install yum-plugin-elrepo
$ sudo yum install kmod-wireguard wireguard-tools
服务器配置
# 生成服务器私钥
wg genkey > privatekey
# 生成服务器公钥
wg pubkey < privatekey > publickey
# 生成口令(每个peer一个)
wg genpsk > presharedkey
# 服务器配置文件设置
cat /etc/wireguard/wg0.conf
[Interface]
Address = 192.168.8.1/24
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 53 # 注意该端口是UDP端口
PrivateKey = 服务器私钥
[Peer]
PublicKey = 客户端公钥
PresharedKey = 口令
AllowedIPs = 192.168.8.10/32
[Peer]
PublicKey = 客户端公钥
PresharedKey = 口令
AllowedIPs = 192.168.8.10/32
如果在Centos7操作,注意跑下yum update(对内核版本有要求)
系统转发注意开启
net.ipv4.ip_forward = 1
开启关闭wg指令:
wg-quick up wg0
wg-quick down wg0
客户端配置文件
[Interface]
PrivateKey = 客户端私钥
Address = 192.168.8.10/32
DNS = 114.114.114.114
[Peer]
PublicKey = 服务器公钥
PresharedKey = 口令
AllowedIPs = 0.0.0.0/0
Endpoint = 服务器IP:服务器端口
PersistentKeepalive = 30
原文:https://www.cnblogs.com/wangruixing/p/12936643.html