E wehewehe kikoʻī kēia ʻatikala pehea e hoʻonohonoho ai iā Wireguard VPN ma kāu kikowaena. Hiki iā ia ke kikowaena virtual a pilikino paha - ʻaʻohe mea nui.
Hoʻolālā ʻia kēia alakaʻi hoʻonohonoho ʻo VPN Wireguard no nā mea hoʻohana ʻaʻole ʻike nui, no laila e kikoʻī ʻia nā ʻanuʻu āpau a hahai ʻia e nā screenshots.
E hoʻopili ʻia nā kaʻa e hele ana ma kā mākou tunnel, a e hōʻike ka Pūnaewele i ka IP address o kā mākou kikowaena VPN, ʻaʻole ka helu o ka mea hoʻolako e komo ai mākou i ka pūnaewele.
Ua manaʻo ʻia ua loaʻa iā ʻoe kahi VPS. Inā ʻaʻole, hiki iā ʻoe aoao mai ia makou mai.
E hoʻokomo mākou i ka ʻōnaehana hana ʻo Ubuntu 22.04 ma kā mākou kikowaena. Inā loaʻa iā ʻoe kahi kikowaena me kahi OS ʻē aʻe, a laila hiki iā ʻoe ke hoʻouka hou iā ia ma hope o ka olelo.
No laila, ua mākaukau ke kikowaena me Ubuntu 22.04 OS, i kēia manawa e hoʻopili mākou iā ia ma o SSH. Inā ʻaʻole ʻoe i ʻike i kēia protocol ma mua, a laila he ʻatikala kahi i wehewehe kikoʻī ʻia ai kēia kaʻina e kōkua iā ʻoe. Ka pauku elua o ka Haawina no Linux OS, ʻo ke kolu no Windows OS.
Hoʻonohonoho i ke kikowaena Wireguard
Ma hope o ka pilina holomua, e kākau wau i kekahi mau kauoha a me ka wehewehe ʻana i nā mea a lākou e hana ai e hoʻomaopopo i ke kaʻina hana:
Hoʻonui mākou i ka papa inoa o nā pūʻolo i loko o nā waihona
apt updateHoʻohou i nā pūʻolo iā lākou iho
apt upgrade -yE hoʻouka i ka pūʻolo wireguard
apt install -y wireguardE mālama ʻia kā mākou hoʻonohonoho ʻana i ka /etc/wireguard/ directory, pono mākou e komo i ka papa kuhikuhi:
cd /etc/wireguard/Pono mākou i kahi kī ākea a pilikino no kā mākou kikowaena. E hana mākou iā lākou ma hope o ka hoʻonohonoho ʻana i nā kuleana kūpono i ka hana ʻana i nā faila a me nā papa kuhikuhi me nā kauoha:
umask 077
wg genkey > privatekey
wg pubkey < privatekey > publickeyI kēia manawa, hoʻonoho mākou i nā kuleana no ke kī pilikino:
chmod 600 privatekeyMa mua o ka hana ʻana i ka faila hoʻonohonoho, pono mākou i ka inoa o kā mākou kikowaena pūnaewele. No ka ʻike ʻana, e hoʻohana i ke kauoha:
ip aPono mākou i ka pilina me ka IP address i hoʻohana ʻia no ka pilina o kēia manawa. E kapa ʻia ʻo ia ʻo ens3 i kāu hihia, akā aia kekahi inoa ʻē aʻe.
Pono mākou i kahi kī ākea a pilikino. No ka hōʻike ʻana iā lākou, hoʻohana wau i ka huelo
tail privatekey publickeyUa nana e like keia:
No ka hoʻoponopono, hiki iā ʻoe ke hoʻohana i kekahi Luna hoʻoponopono kikokikona Linux. E hoʻohana wau i ka nano. No ka hoʻouka ʻana, pono ʻoe e holo i ke kauoha:
apt install -y nanoHoʻoponopono mākou i ka faila hoʻonohonoho:
nano /etc/wireguard/wg0.confpalapala aie
no ka mālama ʻana i ka faila, hoʻohana mākou i ka hui pihi ctrl+o
no ka puka ʻana - ctrl+x
E like paha me kēia:
[Interface]
PrivateKey = [ your private key ]
Address = 10.30.0.1/24
ListenPort = 51928
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o [ interface name ] -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o [ interface name ] -j MASQUERADEI koʻu hihia, ua like ia me kēia
Hoʻomaka mākou i ka hoʻouna ʻana i ka ip
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -pHoʻomaka i ka lawelawe wireguard:
systemctl start [email protected]Inā makemake mākou e hoʻomaka ka lawelawe ma hope o ka hoʻomaka ʻana o ke kikowaena, a laila hana mākou i kēia:
systemctl enable [email protected]No ka nānā ʻana i ke kūlana lawelawe:
systemctl status [email protected]Pono ke kūlana e like me ke kiʻi kiʻi:
Inā ʻoe e hahai pono i kā mākou ʻōlelo aʻo, a laila i kēia manawa, loaʻa iā ʻoe nā mea āpau e pono ai e hana i ka ʻāpana kikowaena VPN Wireguard.
Hoʻonohonoho i ka mea kūʻai Wireguard
ʻO ka mea wale nō i koe e hoʻonohonoho i ka ʻāpana o ka mea kūʻai aku. No ka laʻana a me ka maʻalahi, e hana wau i nā kī no ka ʻāpana o ka mea kūʻai aku ma ka kikowaena. Akā, no nā kumu palekana, ʻoi aku ka pololei o ka hana ʻana i nā kī ma ka ʻaoʻao o ka mea kūʻai aku. Hoʻohana wau i nā kauoha no ka hanauna:
wg genkey > mypc_privatekey
wg pubkey < mypc_privatekey > mypc_publickeyE hana pū wau i nā kī e hoʻohana ai i ka VPN ma ke kelepona:
wg genkey > myphone_private
keywg pubkey < myphone_privatekey > myphone_publickeyPono e hoʻomaopopo ʻia pono e hana ʻia kēia mau mea i ka wā e noho ana i ka papa inoa
/etc/wireguard/
Hiki iā ʻoe ke holo ma kahi papa inoa ʻē aʻe. Akā no ka maʻalahi, hoʻokō mākou i nā ʻōlelo aʻoaʻo ma /etc/wireguard/
Hoʻohana mākou i ke kauoha ls e papa inoa i nā faila ma kahi papa kuhikuhi. Ua loaʻa iaʻu penei:
E hōʻike i nā kī lehulehu ma ka pale. Pono mākou iā lākou e hoʻohui i nā nodes i kā mākou pūnaewele:
tail mypc_publickey myphone_publickeyNoʻu e like me kēia:
E hoʻoponopono i kā mākou faila config:
nano wg0.confHoʻohui i nā laina hou:
[Peer]
PublicKey = [ mypc_publickey ]
AllowedIPs = 10.30.0.2/32
[Peer]
PublicKey = [ myphone_publickey ]
AllowedIPs = 10.30.0.3/32I kēia manawa ua like ka faila config:
E mālama i ka faila a hoʻomaka hou i kā mākou lawelawe:
systemctl restart wg-quick@wg0E nānā kākou ua holomua nā mea a pau:
systemctl status wg-quick@wg0Pono ke kūlana
Pono ka hoʻouka hou ʻana i ka lawelawe i kēlā me kēia manawa ma hope o ka hoʻoponopono ʻana i ka faila hoʻonohonoho kikowaena (wg0.conf)
A laila, e hana mākou i nā hoʻonohonoho no nā mea kūʻai aku (i koʻu hihia, kaʻu PC a me ke kelepona). E hana like au ma ke kikowaena.
nano mypc.conf[Interface]
PrivateKey = [mypc_privatekey private key]
Address = 10.30.0.2/32
DNS = 8.8.8.8
[Peer]
PublicKey = [publickey server publc key]
Endpoint =[ server ip address]:51928
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 20Ma ke kahua Endpoint, hiki iā ʻoe ke ʻike i ka IP address o ka server - ʻo ia ka IP address a mākou i hoʻohana ai e hoʻopili ma SSH. No ka ʻike ʻana i nā loulou a me nā helu wahi, hiki iā ʻoe ke hoʻohana i ka ip a kauoha.
E hoʻonohonoho i ka Wireguard no ke kelepona paʻalima
Hana mākou i kahi hoʻonohonoho like no kā mākou kelepona. Pono wale e hoʻololi i ka helu wahi. No ka PC he 10.30.0.2/32, a ma ka hoʻonohonoho no ke kelepona e hana mākou i 10.30.0.3/32. Eia kekahi, inā makemake mākou e hoʻohana i ka VPN ma nā mea ʻē aʻe, a laila pono mākou e hoʻohui i nā helu ʻē aʻe i ke kahua Address ma nā faila hoʻonohonoho a me ka faila hoʻonohonoho server wg0.conf, ka AllowedIPs kahua i ka wā e hana ai i nā hoʻonohonoho.
Penei nā faila i koʻu hihia:
mypc.conf
myphone.conf
No ka pilina, hoʻokomo mākou i ka mea hoʻohana wireguard https://www.wireguard.com/install/
Ma ka polokalamu Windows, hoʻohui mākou i kahi tunnel hou a hoʻokomo i ka hoʻonohonoho i hana ʻia ma ka faila mypc.conf
Hoʻomaka mākou i ka tunnel a hele i ka polokalamu kele pūnaewele i ka pūnaewele e hōʻike ana i kā mākou helu wahi
I mea e hoʻohui pono ai i kahi VPN i kāu kelepona, e hoʻokomo i kahi papahana no ka hana ʻana i nā code qr ma ke kikowaena:
apt install -y qrencodeAia ma ka papa kuhikuhi hoʻonohonoho, e hana i kēia kaʻina:
qrencode -t ansiutf8 -r myphone.conf
A laila hoʻokomo mākou i ka polokalamu Wireguard ma ke kelepona, kaomi + e hana i kahi tunnel hou, koho i ka scan QR code, scan it, turn on the VPN. A laila, e nānā mākou e hōʻike ana mākou i ka helu o kā mākou kikowaena ma ka hoʻohana ʻana i kekahi kumuwaiwai e hōʻike ana i ka helu IP puka.
Ua hana ʻoe!
