apt update -y && apt install wireguard -y| Recher | IP | Tunnel IP | User | Passwort | Notes |
|---|---|---|---|---|---|
| IONOS VPS | 217.160.11.95 | 10.0.0.1 | root | xJ#p9$*DfT | |
| NAS | 192.168.30.10 | 10.0.0.2 | root | romdz6! | |
| Handy | 10.0.0.3 |
wg genkey | tee server_private.key | wg pubkey > server_public.key| Rechner | Private | Public |
|---|---|---|
| IONOS VPS | YFgaDQBWzcfCE25q8bUocKRqz5LT1GS6eGrX6SldT3s= | mFFQAlQt3yMFpG6DbCtN61XXL379epc4MoL0mGM7H30= |
| NAS | EGPMX6pxjh86u0M+YaNUk21suG7iFIOl2jgkvVcf1ng= | 4XOnKh1ZZs6cNVjyFEjTz3njPUYTta3OSPTY4bsCLCs= |
| Handy | mJkKiZROoUm0PtT15kF8b3xmNVMGKUHv7dP6SxEyDEs= | Or5f7b6myu8FfYUOGG9aqCxj6L38bKlzinszbT6tHhY= |
[Interface] Address = 10.0.0.1/24 PrivateKey = YFgaDQBWzcfCE25q8bUocKRqz5LT1GS6eGrX6SldT3s= ListenPort = 51820 PostUp = iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT PostUp = iptables -A FORWARD -i wg0 -j ACCEPT PostUp = echo "200 wgexit" >> /etc/iproute2/rt_tables PostUp = ip rule add from 10.0.0.3 table 200 PostUp = ip route add default via 10.0.0.2 dev wg0 table 200 PostDown = iptables -D FORWARD -i wg0 -o wg0 -j ACCEPT PostDown = iptables -D FORWARD -i wg0 -j ACCEPT PostDown = ip rule del from 10.0.0.3 table 200 PostDown = ip route del default via 10.0.0.2 dev wg0 table 200 [Peer] # NAS PublicKey = 4XOnKh1ZZs6cNVjyFEjTz3njPUYTta3OSPTY4bsCLCs= AllowedIPs = 10.0.0.2/32, 192.168.30.0/24 PersistentKeepalive = 25 [Peer] # Handy PublicKey = Or5f7b6myu8FfYUOGG9aqCxj6L38bKlzinszbT6tHhY= AllowedIPs = 10.0.0.3/32 PersistentKeepalive = 25
[Interface] Address = 10.0.0.2/24 PrivateKey = EGPMX6pxjh86u0M+YaNUk21suG7iFIOl2jgkvVcf1ng= DNS = 192.168.30.20 PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostUp = iptables -A FORWARD -i wg0 -o eno1 -j ACCEPT PostUp = iptables -A FORWARD -i eno1 -o wg0 -j ACCEPT # eno1 -> LAN-Interface PostDown = iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -o eno1 -j ACCEPT PostDown = iptables -D FORWARD -i eno1 -o wg0 -j ACCEPT # VPS Server [Peer] PublicKey = mFFQAlQt3yMFpG6DbCtN61XXL379epc4MoL0mGM7H30= Endpoint = 217.160.11.95:51820 AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 25
[Interface] Address = 10.0.0.3/24 PrivateKey = mJkKiZROoUm0PtT15kF8b3xmNVMGKUHv7dP6SxEyDEs= DNS = 192.168.30.20 [Peer] Endpoint = 217.160.11.95:51820 PublicKey = mFFQAlQt3yMFpG6DbCtN61XXL379epc4MoL0mGM7H30= AllowedIPs = 0.0.0.0/0, ::/0 PersistentKeepalive = 25