Differences

This shows you the differences between two versions of the page.

--- documentation:examples:gre_ipsec_and_openvpn [2022/10/29 01:06] – [Key pairs generation on VM2 and VM4] olivier
+++ documentation:examples:gre_ipsec_and_openvpn [2023/07/10 12:40] – [Router 2] olivier
@@ Line 1322: / Line 1322: @@
 ===== Wireguard =====
+On current (14.0) needs only wireguard-tools (kernel module included), on older (12 or 13) needs wireguard-kmod.
 ==== Key pairs generation on VM2 and VM4 ====
@@ Line 1338: / Line 1339: @@
 ==== Router 2 ====
-Display router 2 private key, and router 4 public key.
+Write example-only static and public key, on real-life, used the one generated by wg.
 <code>
+echo "oFsqDWpgtlma4Dy3YkPd918d3Nw9xdV9MBVn4YT1N38=" > /usr/local/etc/wireguard/private
+echo "z9wBhxr/K405uQeYnCoGRi6VGWu/QAhym7JgH1BguxE=" > /usr/local/etc/wireguard/public
 cat > /usr/local/etc/wireguard/wg0.conf <<EOF
 [Interface]
-PrivateKey = 8Og1cCmvirK+zcGus/EyaA8aiFdzjjtS9GbuBa/bqFQ=
+PrivateKey = oFsqDWpgtlma4Dy3YkPd918d3Nw9xdV9MBVn4YT1N38=
 ListenPort = 51820
 [Peer]
-PublicKey = FSvVqj2s1FZqsSIvPLrE1RRTgbaPLbfG87P36F21M1g=
+PublicKey = o267Qf43WlVTawLq/8nrET4GQKijrjWFKiux9iNLv04=
-AllowedIPs = 10.0.45.0/24,2001:db8:45::2/64
+AllowedIPs = 10.0.45.0/24,2001:db8:45::/64
 Endpoint = 10.0.34.4:51820
 EOF
@@ Line 1359: / Line 1362: @@
 ==== Router 4 ====
-Display router 4 private key, and router 2 public key.
+Generate example-only router 4 wg keys, and declare 2 public key.
 <code>
+echo "4HRXmxN77CVb5VykdNX6mqkzCh2ycu4hfWfYHTvkLGE=" > /usr/local/etc/wireguard/private
+echo "o267Qf43WlVTawLq/8nrET4GQKijrjWFKiux9iNLv04=" > /usr/local/etc/wireguard/public
 cat > /usr/local/etc/wireguard/wg0.conf <<EOF
 [Interface]
-PrivateKey = ADfm6+sXZnoyDAkG/MXXy062pjSgh2GgfAIKwX+ewGg=
+PrivateKey = 4HRXmxN77CVb5VykdNX6mqkzCh2ycu4hfWfYHTvkLGE=
 ListenPort = 51820
 [Peer]
-PublicKey = gaQij176wrz3g+2RTJ/S1oEnc7rx2reU1Z0Thrv4oXc=
+PublicKey = z9wBhxr/K405uQeYnCoGRi6VGWu/QAhym7JgH1BguxE=
 AllowedIPs = 10.0.12.0/24,2001:db8:12::2/64
 Endpoint = 10.0.23.2:51820
@@ Line 1400: / Line 1405: @@
 packets transmitted, 2 packets received, 0.0% packet loss
 round-trip min/avg/max/std-dev = 0.764/1.272/1.779/0.507 ms
+</code>
+Are we using the kernel module?
+<code>
+root@VM2:~ # kldstat -v -n if_wg.ko
+Id Refs Address                Size Name
+    1 0xffffffff82b17000    2e550 if_wg.ko (/boot/kernel/if_wg.ko)
+        Contains modules:
+                 Id Name
+wg
+</code>
+Displaying wg status on VM2:
+<code>
+root@VM2:~ # ifconfig wg0
+wg0: flags=80c1<UP,RUNNING,NOARP,MULTICAST> metric 0 mtu 1420
+        options=80000<LINKSTATE>
+        groups: wg
+        nd6 options=101<PERFORMNUD,NO_DAD>
+root@VM2:~ # netstat -rn | grep "Dest\|wg0"
+Destination        Gateway            Flags     Netif Expire
+.0.45.0/24       link#7             US          wg0
+Destination                       Gateway                       Flags     Netif Expire
+:db8:45::/64                  link#7                        US          wg0
+root@VM2:~ # wg show
+interface: wg0
+  public key: z9wBhxr/K405uQeYnCoGRi6VGWu/QAhym7JgH1BguxE=
+  private key: (hidden)
+  listening port: 51820
+peer: o267Qf43WlVTawLq/8nrET4GQKijrjWFKiux9iNLv04=
+  endpoint: 10.0.34.4:51820
+  allowed ips: 2001:db8:45::/64, 10.0.45.0/24
+  latest handshake: 32 seconds ago
+  transfer: 356 B received, 436 B sent
 </code>