Server environment
Platform: x86/64
Firmware: iStoreOS 22.03.5 2023081110/LuCI istoreos-22.03
Install software package
System - Package - Update List
Then filter the list and install the following packages:
kmod-wireguard luci-app-wireguard luci-i18n-wireguard-zh-cn luci-proto-wireguard wg-installer-server wg-installer-server-hotplug-babeld wg-installer-server-hotplug-olsrd wireguard-tools
Restart the system
- Server related configuration
Log in to OpenWrt – Network – Interfaces – Add new interface
The interface name can be anything, for example WGd
For Protocol, select WireGuard VPN
Click Submit
Tick "Bring up on boot"
Click "Generate new key pair"
Change the listen port and remember it, for example 12345
Change the address to 192.168.100.1/24
(Use a private address range that is different from the main network)
Firewall Settings – select lan
Firewall - Custom Rules: add
iptables -t nat -A POSTROUTING -s 192.168.100.0/24 -o br-lan -j MASQUERADE
(Some people say it's OK not to add it. I added it myself)
Adding a client peer
Network – Interfaces – find WGd
- Click Edit
- Peers
Add peer
Description (peer name), for example PC1
Click "Generate new key pair"
Click "Generate preshared key"
Set Allowed IPs to 192.168.100.2-254/32 (a single address from that range, with a /32 mask)
Tick "Route Allowed IPs"
Set Keep Alive to 25
Then click Generate Configuration
Change the connection endpoint to your DDNS domain name
Set Allowed IPs to the intranet subnet and the WGd subnet,
for example 192.168.1.0/24, 192.168.100.0/24
Delete the original 0.0.0.0/0 and ::/0
The generated configuration file looks roughly like this:

[Interface]
PrivateKey = qGXmfeG8U******
# ListenPort not defined

[Peer]
PublicKey = F7qCrMXFN0VDhc5td******
PresharedKey = i/SHaYDyZDe16C*****
AllowedIPs = 192.168.1.0/24, 192.168.100.0/24
Endpoint = example.com:12345
PersistentKeepAlive = 25
You need to add the line Address = 192.168.100.2/32 to the [Interface] section.
The modified configuration file is as follows:

[Interface]
PrivateKey = qGXmfeG8U******
Address = 192.168.100.2/32
# ListenPort not defined

[Peer]
PublicKey = F7qCrMXFN0VDhc5td******
PresharedKey = i/SHaYDyZDe16C*****
AllowedIPs = 192.168.1.0/24, 192.168.100.0/24
Endpoint = example.com:12345
PersistentKeepAlive = 25

Save the configuration file as *.conf
Import it into the corresponding client and use it
Network - Firewall - Port Forwards: add a forward for port 12345 to 192.168.1.1
Network - Firewall - General Settings: edit the lan to wan zone entry and add the WGd interface created above to its networks
Remember to restart the WGd interface after the above operations
Copyright: Eric Qiu*
Link to this article: https://eblog.ink/archives/363/
The source and this statement shall be indicated when reprinting