Funtoo:User Services/VPN Setup

From Funtoo
< Funtoo:User Services
Revision as of 21:28, February 23, 2022 by Drobbins (talk | contribs) (first parts of VPN setup)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

We use WireGuard for our internal VPN. These steps will help you to connect to our VPN. WireGuard is really quite simple to use but does have a learning curve. Once you're up and running, you'll appreciate the fast, reliable experience. Let's get started!

Initial Setup

Your first step is to emerge Template:Catpkg: 

root # emerge -av wireguard-tools

If you're using our Template:Catpkg kernel like a good, upstanding funtoo citizen, then you already have wireguard kernel modules available to load.

Before I can get you set up on the VPN, I need you to generate a public and private key. You will send the public key to me, and you'll keep the private key private. This can be done by running the following command: 

root # wg genkey

After running this command, please send me the contents of your public.key file.

Now, create an /etc/wireguard/wg0.conf file with the following contents:

   /etc/wireguard/wg0.conf 
[Interface]
Address = [IPv4/netmask I provide to you]
ListenPort = 56875
PrivateKey = [Your Private Key]
DNS = 172.19.0.3,1.1.1.1

[Peer]
PublicKey = ct6WFz1ZaIPfsyRSw4NNq7cosE6pMldkP3y0B9fTh0U=
AllowedIPs = 172.16.0.0/12
Endpoint = [Endpoint I Provide to you]

Make this file non-readable by anyone but root: 

root #  chmod go-rwx /etc/wireguard/wg0.conf

Really, you're now pretty much set up!

}}

Retrieved from "https://www.funtoo.org/index.php?title=Funtoo:User_Services/VPN_Setup&oldid=39291"