今天手动安装了一下wireguard,终于三个客户端连接上阿里云服务器,并在阿里云服务器的wg0.conf上加上
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
之后三者互通了。
安装 wireguard
# apt -y install wireguard
生成密钥:服务器密钥(私钥文件按默认 umask 创建时可能被其他用户读取,生成前建议先执行 umask 077)
# wg genkey | tee server_privatekey | wg pubkey > server_publickey
客户端密钥(每个客户端各生成一对;私钥只应保存在对应的客户端上)
# wg genkey | tee c1_privatekey | wg pubkey > c1_publickey
配置 WireGuard
wg0.conf
# vim /etc/wireguard/wg0.conf
# Server-side wg-quick configuration for interface wg0.
# ListenPort and PrivateKey are left blank on this page and must be filled in.
# PrivateKey is a secret: keep this file readable by root only.
[Interface]
# Tunnel address of the server; the peers below use .2, .3 and .4 of the same /24.
Address = 10.0.3.1/24
ListenPort =
PrivateKey =
# Disabled by the author. NOTE(review): relaying packets between peers needs
# IPv4 forwarding switched on; with this line commented out it is presumably
# enabled elsewhere (e.g. through sysctl) - confirm on the host.
#PostUp = echo 1 > /proc/sys/net/ipv4/ip_forward
# wg-quick substitutes the interface name (wg0 here) for %i.
# The two FORWARD rules accept every packet that enters or leaves the tunnel
# interface, with no restriction on source or destination; the nat rule
# masquerades everything leaving through eth0.
# NOTE(review): eth0 is assumed to be the outbound interface - confirm.
# NOTE(review): if only peer-to-peer traffic is intended, a single rule matching
# "-i %i -o %i" would avoid letting peers reach everything else the server routes to.
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Deletes the same three rules when the interface is brought down.
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
# One [Peer] section per client. The /32 in AllowedIPs pins each public key to a
# single tunnel address: packets from that peer with any other source address
# are dropped by WireGuard.
[Peer]
PublicKey =
AllowedIPs = 10.0.3.2/32
# Keepalive every 25 seconds. NOTE(review): usually needed only on the side that
# sits behind NAT, so it may be redundant on the server - confirm.
PersistentKeepalive = 25
[Peer]
PublicKey =
AllowedIPs = 10.0.3.3/32
PersistentKeepalive = 25
[Peer]
PublicKey =
AllowedIPs = 10.0.3.4/32
PersistentKeepalive = 25
启用wg-quick服务
systemctl enable wg-quick@wg0 --now
设置 Client
Windows wg0.conf
# Windows client configuration. PrivateKey, PublicKey and Endpoint are left
# blank on this page; PrivateKey is this client's own secret key.
[Interface]
PrivateKey =
# Tunnel address of this client; 10.0.3.2 is the address the server's first
# [Peer] entry allows.
Address = 10.0.3.2/24
[Peer]
# Public key of the server.
PublicKey =
# Destinations routed into the tunnel: all of 10.0.0.0/16 and 192.168.0.0/16,
# which is much wider than the 10.0.3.0/24 VPN subnet.
# NOTE(review): 192.168.0.0/16 can override routes to the client's own LAN and
# sends that traffic to the server; narrow this to the networks that are
# actually reachable through the server - confirm what is intended.
AllowedIPs = 10.0.0.0/16, 192.168.0.0/16
# Public address and port of the server (must match the server's ListenPort).
Endpoint =
# Keepalive every 25 seconds so a NAT mapping in front of the client stays open.
PersistentKeepalive = 25
ubuntu client
root@ub:/etc/wireguard# cat wg0.conf
# Ubuntu client configuration. PrivateKey, PublicKey and Endpoint are left
# blank on this page; PrivateKey is this client's own secret key and the file
# should be readable by root only.
[Interface]
PrivateKey =
# Tunnel address of this client; 10.0.3.3 is the address the server's second
# [Peer] entry allows.
Address = 10.0.3.3/32
[Peer]
# Public key of the server.
PublicKey =
# Destinations routed into the tunnel: all of 10.0.0.0/16, wider than the
# 10.0.3.0/24 VPN subnet.
# NOTE(review): narrow to 10.0.3.0/24 if only the VPN peers need to be reached - confirm.
AllowedIPs = 10.0.0.0/16
# Public address and port of the server (must match the server's ListenPort).
Endpoint =
# Keepalive every 25 seconds so a NAT mapping in front of the client stays open.
PersistentKeepalive = 25