Difference between revisions of "Wireguard"

From Steak Wiki
Jump to navigationJump to search
Line 23: Line 23:
 
DNS = (windows server and the subnet should be on allowed ips, if it isn't already), 4.2.2.2, 8.8.8.8
 
DNS = (windows server and the subnet should be on allowed ips, if it isn't already), 4.2.2.2, 8.8.8.8
 
</pre>
 
</pre>
 +
troubleshoot that with nslookup. You might think you can avoid this and hardcode the dns in window's /etc/hosts but that won't properly resolve the domain controller. and everytime you access a domain share you have to enter a password. bad idea.

Revision as of 18:09, 27 June 2023

wireguard has a few setup scenarios. each are unique.


windows

download, run installer, add empty tunnel

[Interface]
PrivateKey = (it should auto populate this for you)(public key is above in text field)                          
Address = (the ip you want on the vpn net/32 for one ip)

[Peer]
PublicKey = (find it on server)
AllowedIPs = (what you want to be able to connect to on vpn lan)
Endpoint = (ipaddress:port)

Optional: If you have a windows server w/dns (i.e. domain) use not the vpn router but the windows server as the DNS. However, you may want to also add some other dns (level 4 / google) as backups. e.g.

[Interface]
PrivateKey =                        
Address = 
DNS = (windows server and the subnet should be on allowed ips, if it isn't already), 4.2.2.2, 8.8.8.8

troubleshoot that with nslookup. You might think you can avoid this and hardcode the dns in window's /etc/hosts but that won't properly resolve the domain controller. and everytime you access a domain share you have to enter a password. bad idea.