Wiregaurd VPN with Linux Server

From Silbo Networks
Revision as of 08:33, 23 August 2024 by Wikisysop (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Prerequisite:

  • Linux System
  • SILBO Router or gateway
  • Static Public IP on wired internet connection
  • SIM card with active internet  

Note: This document is prepared using SILBO 1.16_1.13_RC4 FW version.


Create wireguard Server on Linux Server:

1. Install WireGuard:

On a Debian/Ubuntu Server Send below commands in CLI:

First Command : sudo apt update

Second Command : sudo apt install wireguard

Third Command : sudo yum install wireguard-dkms wireguard-tools -y

Generate Server Keys:

cd /etc/wireguard/

umask 077

wg genkey | tee server_private_key | wg pubkey > server_public_key


Create and Edit Server Configuration:

nano /etc/wireguard/wg0.conf


Enter the following, adjusting as necessary:


[Interface]

Address = 10.7.0.1/24

ListenPort = 51820  // in configuration 5500 is used.

PrivateKey = [YourServerPrivateKeyFromAbove][Peer]

PublicKey = [YourClientPublicKey]

AllowedIPs = 10.7.0.2/32


In the testing setup created while preparing document the server looks as below.


make sure the Public IP is directly connected to the Server system, if not then the port number used in WG should be forwarded from Firewall/Router to the Server System.


Configuring SILBO Router/gateway:

Login to router using default IP 192.168.10.1 and default credentials admin/admin.


Once login we can see the FW version.

Change the IP address to required IP, in this testing we are using 192.168.11.1 IP address.

To do that Navigate to Settings>>Network from 192.168.10.1 to 192.168.11.1 and save / update.


WG configuration in SILBO Router/Gateway:

Let us configure WG client in router to do that Navigate to >> Settings>>VPN and enable “Enable Wireguard” checkbox.


Once it is enabled as shown in above image click on save button.

Next navigate to to >> Settings>>VPN>>Wireguard >> and do as below instructions.

Give a name to the VPN instance and click on “Add” button.

Then popup which opens where we can do actual client configuration as below.

 

Click on save and once saved navigate again to WG settings page and click on “Generate button”


Now the Key from this page should be copied and used on the Linux server as client key.

Basically the SILBO Router/Gateway generates a key which should be configured in Sever as client peer key.


Once key is configured in WG server then click on Update button.

Upon VPN connection establishes the statue can be seen as “Up” along with IP Address.


To Ping server LAN, navigate to features>>Others and give LAN IP and ping.

If the ping is not working then check the firewall side settings whether the ping is allowed or not.


In WG we should ping WG Virtual IP 10.7.0.1 and from WG server Router Virtual IP can be ping 10.7.0.2

Using pin 10.7.0.2 command.