Ma tenei tuhinga e whakaahua taipitopito me pehea te whakatu Wireguard VPN ki to tuumau. He tūmau mariko, he tūmau tūmataiti rānei - kāre he mea nui.
Ko tenei aratohu tatūnga VPN Wireguard i hangaia mo nga kaiwhakamahi karekau he wheako nui, no reira ka tino whai kiko nga waahanga katoa ka whai i nga whakaahua.
Ka whakamunahia nga waka e haere ana ma to tatou kauhanga, ka whakaatuhia e te Ipurangi te IP IP o to tatou tūmau VPN, ehara i te wāhitau o te kaiwhakarato e uru atu ai tatou ki te whatunga.
Ko te whakaaro kei a koe he VPS. Ki te kore, ka taea e koe raupapa mai ia matou.
Ka whakauruhia e matou te punaha whakahaere Ubuntu 22.04 ki runga i ta maatau tūmau. Ki te whai koe i te tūmau ki te OS rerekē, ka taea e koe te tāuta ngāwari i te reira i muri i te tohutohu.
Na, kua rite te tūmau me te Ubuntu 22.04 OS, inaianei ka hono atu ma te SSH. Mena kare ano koe i kite i tenei kawa i mua, katahi ka awhina koe i tetahi tuhinga e whakamaarama ana i tenei tukanga. Ko te wahanga tuarua o te tuhinga mo Linux OS, ko te tuatoru mo Windows OS.
Whakaritea te tūmau Waearere
I muri i te hononga angitu, ka tuhia e ahau etahi whakahau me te whakaahuatanga o nga mea ka mahia e ratou kia mohio ai ki te tukanga:
Ka whakahouhia e matou te rarangi o nga kohinga kei roto i nga putunga
apt updateKo te whakahoutanga o nga kete ake
apt upgrade -yTāutahia te mōkihi tiaki waea
apt install -y wireguardKa penapenahia ta maatau whirihoranga ki te raarangi /etc/wireguard/, me uru ki te raarangi:
cd /etc/wireguard/Ka hiahia matou ki te taviri a te iwi me te motuhake mo to maatau tūmau. Ka whakaputahia e matou i muri i te tautuhi i nga mana tika i te wa e hanga ana nga konae me nga raarangi me nga whakahau:
umask 077
wg genkey > privatekey
wg pubkey < privatekey > publickeyInaianei kua tautuhia e matou nga motika mo te ki motuhake:
chmod 600 privatekeyI mua i te hanga i te konae whirihoranga, me kii te ingoa o to atanga whatunga. Kia kitea, whakamahia te whakahau:
ip aE hiahia ana matou ki te atanga me te wahitau IP e whakamahia ana mo te hononga o naianei. Ka kiia pea he ens3 mo to keehi, engari tera pea he ingoa ano.
Ka hiahia hoki matou ki te taviri a te iwi me te motuhake. Hei whakaatu i a raatau ka whakamahi ahau i te hiku
tail privatekey publickeyrite tenei titiro reira:
Mo te whakatika, ka taea e koe te whakamahi i tetahi ētita kuputuhi Linux. Ka whakamahi ahau i te nano. Hei whakaurunga me whakahaere e koe te whakahau:
apt install -y nanoKa whakatikahia e matou te konae whirihoranga:
nano /etc/wireguard/wg0.conftuhipoka
hei tiaki i te konae ka whakamahia te pahekotanga ctrl+o
mo te putanga - ctrl+x
Me penei:
[Interface]
PrivateKey = [ your private key ]
Address = 10.30.0.1/24
ListenPort = 51928
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o [ interface name ] -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o [ interface name ] -j MASQUERADEI taku take he penei te ahua
Ka whakakā tatou i te tuku whakamua ip
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -pWhakarewa ratonga tiaki waea:
systemctl start [email protected]Mena kei te pirangi matou kia timata te ratonga i muri i te tiimata o te tuumau, ka mahia e matou nga mea e whai ake nei:
systemctl enable [email protected]Mo te tiro i te mana o te ratonga:
systemctl status [email protected]Me kaha te mana penei i te whakaahua:
Mena ka ata whai koe i o maatau tohutohu, i tenei wa, kei a koe nga mea katoa e hiahia ana koe kia mahi te waahanga o te VPN Wireguard.
Te whakarite i te kiritaki Wireguard
Ko te mea anake e toe ana ko te whirihora i te waahanga o te kiritaki. Hei tauira me te ngawari, ka whakaputahia e ahau nga taviri mo te waahanga o te kiritaki i runga i te tūmau. Engari mo nga kaupapa haumaru, he tika ake te whakaputa i nga taviri i te taha o te kiritaki.Ka whakamahi au i nga whakahau mo te whakatipuranga:
wg genkey > mypc_privatekey
wg pubkey < mypc_privatekey > mypc_publickeyKa mahia ano e au nga taviri hei whakamahi i te VPN i runga waea:
wg genkey > myphone_private
keywg pubkey < myphone_privatekey > myphone_publickeyMe tohu ko enei mea katoa me mahi i te wa kei roto i te raarangi
/etc/wireguard/
Ka taea hoki e koe te whakahaere i tetahi atu putumōhio. Engari mo te ngawari, ka mahia e matou nga tohutohu i roto i /etc/wireguard/
Ka whakamahi matou i te whakahau ls hei whakarārangi i ngā kōnae ki roto i te whaiaronga. I whiwhi ahau penei:
Me whakaatu nga taviri a te iwi ki te mata. Ka hiahia matou ki a raatau hei taapiri i nga pona ki to maatau whatunga:
tail mypc_publickey myphone_publickeyKi ahau he penei te ahua:
Me whakatika ta tatou konae whirihora:
nano wg0.confTāpirihia nga rarangi e whai ake nei:
[Peer]
PublicKey = [ mypc_publickey ]
AllowedIPs = 10.30.0.2/32
[Peer]
PublicKey = [ myphone_publickey ]
AllowedIPs = 10.30.0.3/32Inaianei he penei te ahua o te konae whirihora:
Tiakina te konae ka whakaara ano i ta maatau ratonga:
systemctl restart wg-quick@wg0Kia tirohia kua angitu nga mea katoa:
systemctl status wg-quick@wg0Me kaha te mana
Me uta ano te ratonga i nga wa katoa i muri i te whakatika i te konae whirihoranga tūmau (wg0.conf)
I muri mai, ka hangaia e matou he whirihoranga mo nga kaihoko (i taku keehi, taku PC me taku waea). Ka pena ano ahau i runga i te tūmau.
nano mypc.conf[Interface]
PrivateKey = [mypc_privatekey private key]
Address = 10.30.0.2/32
DNS = 8.8.8.8
[Peer]
PublicKey = [publickey server publc key]
Endpoint =[ server ip address]:51928
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 20I te mara Whakamutunga, ka taea e koe te kite i te wahitau IP o te tūmau - koinei te wāhitau IP i whakamahia e mātou ki te hono mā SSH. Hei kite i nga atanga me nga wahitau, ka taea e koe te whakamahi i te ip a whakahau.
Whakaturia Wireguard mo te pūkoro
Ka hangaia e matou he whirihoranga rite mo to maatau waea. Me huri noa te wahitau. Mo te PC ko 10.30.0.2/32, a i roto i te whirihoranga mo te waea ka hanga e matou 10.30.0.3/32. Ano, ki te hiahia matou ki te whakamahi VPN i runga i etahi atu taputapu, katahi ka taapirihia etahi atu wahitau ki te mara Wāhitau i roto i nga konae whirihoranga me te konae whirihoranga tūmau wg0.conf, te AllowedIPs mara i te wa e hanga ana i nga whirihoranga.
He penei te ahua o nga konae ki taku keehi:
mypc.conf
taku waea.conf
Mo te hononga, ka whakauruhia e matou he kaihoko waea waea https://www.wireguard.com/install/
I roto i te tono Windows, ka taapirihia he kauhanga hou ka uru ki te whirihoranga i hangaia ki te konae mypc.conf
Ka whakarewahia e matou te kauhanga ka haere ki te kaitirotiro ki te paetukutuku e whakaatu ana i to maatau wahitau
Kia pai ai te taapiri i tetahi VPN ki to waea, whakauruhia he kaupapa hei whakaputa waehere qr i runga i te tūmau:
apt install -y qrencodeKei roto i te raarangi whirihoranga, mahia te taahiraa e whai ake nei:
qrencode -t ansiutf8 -r myphone.conf
Na ka uru atu matou ki te taupānga Wireguard i runga i te waea, pehia te + ki te hanga i tetahi kohanga hou, tohua te matawai i te QR code, karapahia, ka huri i te VPN. I muri mai, ka tirohia e matou kei te whakaatu matou i te wahitau o to maatau tūmau ma te whakamahi i tetahi rauemi e whakaatu ana i te wahitau IP putanga.
I mahia e koe!
