diff --git a/example-full/home-server/wg0.conf b/example-full/home-server/wg0.conf index 2373455..b4f77fc 100644 --- a/example-full/home-server/wg0.conf +++ b/example-full/home-server/wg0.conf @@ -1,6 +1,6 @@ [Interface] # Name = home-server.example-vpn.dev -Address = 10.0.0.3/32 +Address = 10.0.44.3/32 ListenPort = 51820 PrivateKey = WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo= DNS = 1.1.1.1 @@ -10,5 +10,5 @@ DNS = 1.1.1.1 Endpoint = public-server1.example-vpn.tld:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= # routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 +AllowedIPs = 10.0.44.1/24 PersistentKeepalive = 25 diff --git a/example-full/laptop/wg0.conf b/example-full/laptop/wg0.conf index d2f625d..384d0e6 100644 --- a/example-full/laptop/wg0.conf +++ b/example-full/laptop/wg0.conf @@ -1,6 +1,6 @@ [Interface] # Name = laptop.example-vpn.dev -Address = 10.0.0.4/32 +Address = 10.0.44.4/32 PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o= DNS = 1.1.1.1 @@ -9,5 +9,5 @@ DNS = 1.1.1.1 Endpoint = public-server1.example-vpn.tld:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= # routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 +AllowedIPs = 10.0.44.1/24 PersistentKeepalive = 25 diff --git a/example-full/phone/wg0.conf b/example-full/phone/wg0.conf index 47cf7a1..f74fa1b 100644 --- a/example-full/phone/wg0.conf +++ b/example-full/phone/wg0.conf @@ -1,6 +1,6 @@ [Interface] # Name = phone.example-vpn.dev -Address = 10.0.0.5/32 +Address = 10.0.44.5/32 PrivateKey = WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw= DNS = 1.1.1.1 @@ -9,5 +9,5 @@ DNS = 1.1.1.1 Endpoint = public-server1.example-vpn.tld:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= # routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 +AllowedIPs = 10.0.44.1/24 PersistentKeepalive = 25 
diff --git a/example-full/public-server1/setup.sh b/example-full/public-server1/setup.sh index b9991f8..385c4d8 100644 --- a/example-full/public-server1/setup.sh +++ b/example-full/public-server1/setup.sh @@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT -iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE diff --git a/example-full/public-server1/wg0.conf b/example-full/public-server1/wg0.conf index 7e28ae4..c821daa 100644 --- a/example-full/public-server1/wg0.conf +++ b/example-full/public-server1/wg0.conf @@ -1,6 +1,6 @@ [Interface] # Name = public-server1.example-vpn.tld -Address = 10.0.0.1/24 +Address = 10.0.44.1/24 ListenPort = 51820 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ= DNS = 1.1.1.1 @@ -9,20 +9,20 @@ DNS = 1.1.1.1 # Name = public-server2.example-vpn.dev Endpoint = public-server2.example-vpn.dev:51820 PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= -AllowedIPs = 10.0.0.2/32 +AllowedIPs = 10.0.44.2/32 [Peer] # Name = home-server.example-vpn.dev Endpoint = home-server.example-vpn.dev:51820 PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= -AllowedIPs = 10.0.0.3/32 +AllowedIPs = 10.0.44.3/32 [Peer] # Name = laptop.example-vpn.dev PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js= -AllowedIPs = 10.0.0.4/32 +AllowedIPs = 10.0.44.4/32 [Peer] # Name = phone.example-vpn.dev PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A= -AllowedIPs = 10.0.0.5/32 +AllowedIPs = 10.0.44.5/32 diff --git a/example-full/public-server2/wg0.conf b/example-full/public-server2/wg0.conf index fa8cf16..f2dabff 100644 --- a/example-full/public-server2/wg0.conf +++ b/example-full/public-server2/wg0.conf 
@@ -1,6 +1,6 @@ [Interface] # Name = public-server2.example-vpn.dev -Address = 10.0.0.2/32 +Address = 10.0.44.2/32 ListenPort = 51820 PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220= DNS = 1.1.1.1 @@ -10,5 +10,5 @@ DNS = 1.1.1.1 Endpoint = public-server1.example-vpn.tld:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= # routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 +AllowedIPs = 10.0.44.1/24 PersistentKeepalive = 25 diff --git a/example-internet-browsing-vpn/laptop/wg0.conf b/example-internet-browsing-vpn/laptop/wg0.conf index d2f625d..38e6187 100644 --- a/example-internet-browsing-vpn/laptop/wg0.conf +++ b/example-internet-browsing-vpn/laptop/wg0.conf @@ -1,13 +1,12 @@ [Interface] # Name = laptop.example-vpn.dev -Address = 10.0.0.4/32 +Address = 10.0.44.2/32 PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o= DNS = 1.1.1.1 [Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 +# Name = server.example-vpn.tld +Endpoint = server.example-vpn.tld:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 +AllowedIPs = 0.0.0.0/0, ::/0 PersistentKeepalive = 25 diff --git a/example-internet-browsing-vpn/phone/wg0.conf b/example-internet-browsing-vpn/phone/wg0.conf index 47cf7a1..5af3804 100644 --- a/example-internet-browsing-vpn/phone/wg0.conf +++ b/example-internet-browsing-vpn/phone/wg0.conf 
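Review bot: In example-internet-browsing-vpn/laptop/wg0.conf the new `AllowedIPs = 0.0.0.0/0, ::/0` routes all IPv6 traffic into the tunnel, but the interface `Address` is still IPv4-only (`10.0.44.2/32`). No IPv6 address or IPv6 NAT for the server is visible in this diff, so IPv6 destinations will most likely be unreachable rather than tunnelled. Either add IPv6 addressing on both ends, or state the intent above the line, e.g. `# ::/0 is captured so IPv6 cannot bypass the tunnel; this example provides no IPv6 connectivity`. The phone config in the next hunk has the same line and needs the same comment. The hunk also removes the only comment explaining `AllowedIPs` without replacing it.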
@@ -1,13 +1,12 @@ [Interface] # Name = phone.example-vpn.dev -Address = 10.0.0.5/32 +Address = 10.0.44.3/32 PrivateKey = WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw= DNS = 1.1.1.1 [Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 +# Name = server.example-vpn.tld +Endpoint = server.example-vpn.tld:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 +AllowedIPs = 0.0.0.0/0, ::/0 PersistentKeepalive = 25 diff --git a/example-internet-browsing-vpn/server/public-server1.key b/example-internet-browsing-vpn/server/server.key similarity index 100% rename from example-internet-browsing-vpn/server/public-server1.key rename to example-internet-browsing-vpn/server/server.key diff --git a/example-internet-browsing-vpn/server/public-server1.key.pub b/example-internet-browsing-vpn/server/server.key.pub similarity index 100% rename from example-internet-browsing-vpn/server/public-server1.key.pub rename to example-internet-browsing-vpn/server/server.key.pub diff --git a/example-internet-browsing-vpn/server/setup.sh b/example-internet-browsing-vpn/server/setup.sh index b9991f8..385c4d8 100644 --- a/example-internet-browsing-vpn/server/setup.sh +++ b/example-internet-browsing-vpn/server/setup.sh @@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT -iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE diff --git a/example-internet-browsing-vpn/server/wg0.conf b/example-internet-browsing-vpn/server/wg0.conf index 7e28ae4..0b0d6b8 100644 --- a/example-internet-browsing-vpn/server/wg0.conf +++ b/example-internet-browsing-vpn/server/wg0.conf 
@@ -1,28 +1,18 @@ [Interface] -# Name = public-server1.example-vpn.tld -Address = 10.0.0.1/24 +# Name = server.example-vpn.tld +Address = 10.0.44.1/24 ListenPort = 51820 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ= DNS = 1.1.1.1 - -[Peer] -# Name = public-server2.example-vpn.dev -Endpoint = public-server2.example-vpn.dev:51820 -PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= -AllowedIPs = 10.0.0.2/32 - -[Peer] -# Name = home-server.example-vpn.dev -Endpoint = home-server.example-vpn.dev:51820 -PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= -AllowedIPs = 10.0.0.3/32 +PostUp = sysctl -w net.ipv4.ip_forward=1 +PostUp = sysctl -w net.ipv6.conf.all.forwarding=1 [Peer] # Name = laptop.example-vpn.dev PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js= -AllowedIPs = 10.0.0.4/32 +AllowedIPs = 10.0.44.2/32 [Peer] # Name = phone.example-vpn.dev PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A= -AllowedIPs = 10.0.0.5/32 +AllowedIPs = 10.0.44.3/32 diff --git a/example-lan-briding/montreal/public-server1.key b/example-lan-briding/montreal/montreal.key similarity index 100% rename from example-lan-briding/montreal/public-server1.key rename to example-lan-briding/montreal/montreal.key diff --git a/example-lan-briding/montreal/public-server1.key.pub b/example-lan-briding/montreal/montreal.key.pub similarity index 100% rename from example-lan-briding/montreal/public-server1.key.pub rename to example-lan-briding/montreal/montreal.key.pub diff --git a/example-lan-briding/montreal/setup.sh b/example-lan-briding/montreal/setup.sh index b9991f8..385c4d8 100644 --- a/example-lan-briding/montreal/setup.sh +++ b/example-lan-briding/montreal/setup.sh 
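Review bot: The two added `PostUp = sysctl -w ...` lines in example-internet-browsing-vpn/server/wg0.conf enable IPv4 and IPv6 forwarding every time the interface comes up, and no `PostDown` restores the previous values, so the host keeps routing after `wg-quick down`. The only firewall rules visible for this example are the IPv4 `iptables` lines in setup.sh, so `net.ipv6.conf.all.forwarding=1` leaves IPv6 forwarding governed by whatever the default ip6tables FORWARD policy is on the host. I would drop the IPv6 sysctl until the example has IPv6 addressing and matching rules, or at least add `# forwarding stays enabled after the interface goes down; IPv6 forwarding has no matching firewall rules in setup.sh` above the lines. setup.sh already runs `sysctl -p /etc/sysctl.conf`, so the IPv4 setting may be applied twice; that part is outside this hunk.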
@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT -iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE diff --git a/example-lan-briding/montreal/wg0.conf b/example-lan-briding/montreal/wg0.conf index 7e28ae4..d97f824 100644 --- a/example-lan-briding/montreal/wg0.conf +++ b/example-lan-briding/montreal/wg0.conf 
@@ -1,28 +1,26 @@ [Interface] -# Name = public-server1.example-vpn.tld -Address = 10.0.0.1/24 +# Name = montreal.example-vpn.tld +# LAN = 192.168.1.1/24 +Address = 10.0.44.1/24 ListenPort = 51820 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ= DNS = 1.1.1.1 +PostUp = sysctl -w net.ipv4.ip_forward=1 +PostUp = sysctl -w net.ipv6.conf.all.forwarding=1 +PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE + [Peer] -# Name = public-server2.example-vpn.dev -Endpoint = public-server2.example-vpn.dev:51820 +# Name = newyork.example-vpn.dev +# LAN = 192.168.2.1/24 +Endpoint = newyork.example-vpn.dev:51820 PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= -AllowedIPs = 10.0.0.2/32 +AllowedIPs = 10.0.44.2/32, 192.168.2.1/24 [Peer] -# Name = home-server.example-vpn.dev -Endpoint = home-server.example-vpn.dev:51820 +# Name = vancouver.example-vpn.dev +# LAN = 192.168.3.1/24 +Endpoint = vancouver.example-vpn.dev:51820 PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= -AllowedIPs = 10.0.0.3/32 - -[Peer] -# Name = laptop.example-vpn.dev -PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js= -AllowedIPs = 10.0.0.4/32 - -[Peer] -# Name = phone.example-vpn.dev -PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A= -AllowedIPs = 10.0.0.5/32 +AllowedIPs = 10.0.44.3/32, 192.168.3.1/24 diff --git a/example-lan-briding/newyork/public-server2.key b/example-lan-briding/newyork/newyork.key similarity index 100% rename from example-lan-briding/newyork/public-server2.key rename to example-lan-briding/newyork/newyork.key 
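Review bot: The added `PostUp` firewall line in example-lan-briding/montreal/wg0.conf accepts every packet forwarded into or out of `%i` and masquerades everything leaving `eth0`, with no source or destination restriction, whereas setup.sh in the same directory scopes its NAT rule with `-s 10.0.44.0/24`. For a site-to-site example, each peer is then trusted to reach anything behind this host, and the unscoped `MASQUERADE` also rewrites traffic that has nothing to do with the VPN. Consider limiting the rules to the tunnel and remote LAN ranges listed in `AllowedIPs`, for example `iptables -A FORWARD -i %i -s 10.0.44.0/24 -j ACCEPT` plus one rule per remote LAN, and reusing the scoped form `iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE`. The same three `PostUp`/`PostDown` lines are added to the newyork and vancouver configs later in this diff. setup.sh also appends a MASQUERADE rule, so running both leaves two NAT rules while `PostDown` removes only one. Separately, `AllowedIPs = 10.0.44.2/32, 192.168.2.1/24` would read more clearly as the network address `192.168.2.0/24`.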
diff --git a/example-lan-briding/newyork/public-server2.key.pub b/example-lan-briding/newyork/newyork.key.pub similarity index 100% rename from example-lan-briding/newyork/public-server2.key.pub rename to example-lan-briding/newyork/newyork.key.pub diff --git a/example-lan-briding/newyork/wg0.conf b/example-lan-briding/newyork/wg0.conf index fa8cf16..e1546ca 100644 --- a/example-lan-briding/newyork/wg0.conf +++ b/example-lan-briding/newyork/wg0.conf @@ -1,14 +1,26 @@ [Interface] -# Name = public-server2.example-vpn.dev -Address = 10.0.0.2/32 +# Name = newyork.example-vpn.dev +# LAN = 192.168.2.1/24 +Address = 10.0.44.2/32 ListenPort = 51820 PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220= DNS = 1.1.1.1 +PostUp = sysctl -w net.ipv4.ip_forward=1 +PostUp = sysctl -w net.ipv6.conf.all.forwarding=1 +PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE + [Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 +# Name = montreal.example-vpn.dev +# LAN = 192.168.1.1/24 +Endpoint = montreal.example-vpn.dev:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 -PersistentKeepalive = 25 +AllowedIPs = 10.0.44.1/32, 192.168.1.1/24 + +[Peer] +# Name = vancouver.example-vpn.dev +# LAN = 192.168.3.1/24 +Endpoint = vancouver.example-vpn.dev:51820 +PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= +AllowedIPs = 10.0.44.3/32, 192.168.3.1/24 diff --git a/example-lan-briding/vancouver/setup.sh b/example-lan-briding/vancouver/setup.sh index b9991f8..385c4d8 100644 --- a/example-lan-briding/vancouver/setup.sh +++ b/example-lan-briding/vancouver/setup.sh 
@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT -iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE diff --git a/example-lan-briding/vancouver/public-server1.key b/example-lan-briding/vancouver/vancouver.key similarity index 100% rename from example-lan-briding/vancouver/public-server1.key rename to example-lan-briding/vancouver/vancouver.key diff --git a/example-lan-briding/vancouver/public-server1.key.pub b/example-lan-briding/vancouver/vancouver.key.pub similarity index 100% rename from example-lan-briding/vancouver/public-server1.key.pub rename to example-lan-briding/vancouver/vancouver.key.pub diff --git a/example-lan-briding/vancouver/wg0.conf b/example-lan-briding/vancouver/wg0.conf index 7e28ae4..f1d755c 100644 --- a/example-lan-briding/vancouver/wg0.conf +++ b/example-lan-briding/vancouver/wg0.conf 
@@ -1,28 +1,26 @@ [Interface] -# Name = public-server1.example-vpn.tld -Address = 10.0.0.1/24 +# Name = vancouver.example-vpn.tld +# LAN = 192.168.3.1/24 +Address = 10.0.44.3/24 ListenPort = 51820 -PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ= +PrivateKey = WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo= DNS = 1.1.1.1 +PostUp = sysctl -w net.ipv4.ip_forward=1 +PostUp = sysctl -w net.ipv6.conf.all.forwarding=1 +PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE -[Peer] -# Name = public-server2.example-vpn.dev -Endpoint = public-server2.example-vpn.dev:51820 -PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= -AllowedIPs = 10.0.0.2/32 [Peer] -# Name = home-server.example-vpn.dev -Endpoint = home-server.example-vpn.dev:51820 -PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= -AllowedIPs = 10.0.0.3/32 +# Name = montreal.example-vpn.dev +# LAN = 192.168.1.1/24 +Endpoint = montreal.example-vpn.dev:51820 +PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= +AllowedIPs = 10.0.44.1/32, 192.168.1.1/24 [Peer] -# Name = laptop.example-vpn.dev -PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js= -AllowedIPs = 10.0.0.4/32 - -[Peer] -# Name = phone.example-vpn.dev -PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A= -AllowedIPs = 10.0.0.5/32 +# Name = newyork.example-vpn.dev +# LAN = 192.168.2.1/24 +Endpoint = newyork.example-vpn.dev:51820 +PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= +AllowedIPs = 10.0.44.2/32, 192.168.2.1/24 diff --git a/example-simple-client-to-server/client/laptop.key b/example-simple-client-to-server/client/client.key similarity index 100% rename from example-simple-client-to-server/client/laptop.key rename to example-simple-client-to-server/client/client.key 
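Review bot: The new `PrivateKey` in example-lan-briding/vancouver/wg0.conf probably no longer matches the key files in the same directory. vancouver.key and vancouver.key.pub are 100% renames of public-server1.key and public-server1.key.pub, while the config now uses the value this diff deletes elsewhere as home-server.key, and the montreal and newyork peers list `8bSk5f...` (the deleted home-server.key.pub) as Vancouver's public key. The contents of the renamed files are not shown, so this is inferred; if it holds, replace the two key files with the pair the config actually uses. The interface comment `# Name = vancouver.example-vpn.tld` also disagrees with the `vancouver.example-vpn.dev:51820` endpoint the other two sites dial. `Address = 10.0.44.3/24` differs from the `/32` used for newyork without a comment explaining why.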
diff --git a/example-simple-client-to-server/client/laptop.key.pub b/example-simple-client-to-server/client/client.key.pub similarity index 100% rename from example-simple-client-to-server/client/laptop.key.pub rename to example-simple-client-to-server/client/client.key.pub diff --git a/example-simple-client-to-server/client/wg0.conf b/example-simple-client-to-server/client/wg0.conf index d2f625d..fd3fdc3 100644 --- a/example-simple-client-to-server/client/wg0.conf +++ b/example-simple-client-to-server/client/wg0.conf @@ -1,13 +1,12 @@ [Interface] # Name = laptop.example-vpn.dev -Address = 10.0.0.4/32 +Address = 10.0.44.2/32 PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o= DNS = 1.1.1.1 [Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 +# Name = server.example-vpn.tld +Endpoint = server.example-vpn.tld:51820 PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 +AllowedIPs = 10.0.44.1/24 PersistentKeepalive = 25 diff --git a/example-simple-client-to-server/server/public-server1.key b/example-simple-client-to-server/server/server.key similarity index 100% rename from example-simple-client-to-server/server/public-server1.key rename to example-simple-client-to-server/server/server.key diff --git a/example-simple-client-to-server/server/public-server1.key.pub b/example-simple-client-to-server/server/server.key.pub similarity index 100% rename from example-simple-client-to-server/server/public-server1.key.pub rename to example-simple-client-to-server/server/server.key.pub diff --git a/example-simple-client-to-server/server/setup.sh b/example-simple-client-to-server/server/setup.sh index b9991f8..385c4d8 100644 --- a/example-simple-client-to-server/server/setup.sh +++ b/example-simple-client-to-server/server/setup.sh 
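Review bot: `# Name = laptop.example-vpn.dev` is left unchanged in example-simple-client-to-server/client/wg0.conf, although the directory and key files are renamed to `client` and the server config in the following file now labels this peer `client.example-vpn.dev`. In the other direction, the server keeps `# Name = public-server1.example-vpn.tld` while this file dials `server.example-vpn.tld:51820`. Since these comments are the only thing that ties a `PublicKey` to a host, I would align them: `# Name = client.example-vpn.dev` here and `# Name = server.example-vpn.tld` on the server. The hunk also drops the comment above `AllowedIPs`; something like `# routes the whole 10.0.44.0/24 VPN subnet via the server` would keep the line self-explanatory.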
@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT -iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE diff --git a/example-simple-client-to-server/server/wg0.conf b/example-simple-client-to-server/server/wg0.conf index 7e28ae4..24db5bf 100644 --- a/example-simple-client-to-server/server/wg0.conf +++ b/example-simple-client-to-server/server/wg0.conf @@ -1,28 +1,11 @@ [Interface] # Name = public-server1.example-vpn.tld -Address = 10.0.0.1/24 +Address = 10.0.44.1/24 ListenPort = 51820 PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ= DNS = 1.1.1.1 [Peer] -# Name = public-server2.example-vpn.dev -Endpoint = public-server2.example-vpn.dev:51820 -PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= -AllowedIPs = 10.0.0.2/32 - -[Peer] -# Name = home-server.example-vpn.dev -Endpoint = home-server.example-vpn.dev:51820 -PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= -AllowedIPs = 10.0.0.3/32 - -[Peer] -# Name = laptop.example-vpn.dev +# Name = client.example-vpn.dev PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js= -AllowedIPs = 10.0.0.4/32 - -[Peer] -# Name = phone.example-vpn.dev -PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A= -AllowedIPs = 10.0.0.5/32 +AllowedIPs = 10.0.44.2/32 diff --git a/example-simple-server-to-server/home-server/home-server.key b/example-simple-server-to-server/home-server/home-server.key deleted file mode 100644 index 2df1302..0000000 --- a/example-simple-server-to-server/home-server/home-server.key +++ /dev/null @@ -1 +0,0 @@ -WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo= 
diff --git a/example-simple-server-to-server/home-server/home-server.key.pub b/example-simple-server-to-server/home-server/home-server.key.pub deleted file mode 100644 index 6d118d2..0000000 --- a/example-simple-server-to-server/home-server/home-server.key.pub +++ /dev/null @@ -1 +0,0 @@ -8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= diff --git a/example-simple-server-to-server/home-server/setup.sh b/example-simple-server-to-server/home-server/setup.sh deleted file mode 100644 index 722ba80..0000000 --- a/example-simple-server-to-server/home-server/setup.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -# install wireguard on FreeBSD -pkg install wireguard - -# install wireguard on Ubuntu -#add-apt-repository ppa:wireguard/wireguard -#apt update -#apt install wireguard diff --git a/example-simple-server-to-server/home-server/wg0.conf b/example-simple-server-to-server/home-server/wg0.conf deleted file mode 100644 index 2373455..0000000 --- a/example-simple-server-to-server/home-server/wg0.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Interface] -# Name = home-server.example-vpn.dev -Address = 10.0.0.3/32 -ListenPort = 51820 -PrivateKey = WN+bvd3PCWs5Pk3bvl7abWR0c1L6PCWKYRX56mjVYGo= -DNS = 1.1.1.1 - -[Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 -PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 -PersistentKeepalive = 25 diff --git a/example-simple-server-to-server/laptop/laptop.key b/example-simple-server-to-server/laptop/laptop.key deleted file mode 100644 index 686b3d9..0000000 --- a/example-simple-server-to-server/laptop/laptop.key +++ /dev/null @@ -1 +0,0 @@ -OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o= diff --git a/example-simple-server-to-server/laptop/laptop.key.pub b/example-simple-server-to-server/laptop/laptop.key.pub deleted file mode 100644 index 4165fa8..0000000 
--- a/example-simple-server-to-server/laptop/laptop.key.pub +++ /dev/null @@ -1 +0,0 @@ -BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js= diff --git a/example-simple-server-to-server/laptop/setup.sh b/example-simple-server-to-server/laptop/setup.sh deleted file mode 100644 index 5fb0157..0000000 --- a/example-simple-server-to-server/laptop/setup.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -# install wireguard on Ubuntu -#add-apt-repository ppa:wireguard/wireguard -#apt update -#apt install wireguard - -# install wireguard on macOS -brew install wireguard-tools diff --git a/example-simple-server-to-server/laptop/wg0.conf b/example-simple-server-to-server/laptop/wg0.conf deleted file mode 100644 index d2f625d..0000000 --- a/example-simple-server-to-server/laptop/wg0.conf +++ /dev/null @@ -1,13 +0,0 @@ -[Interface] -# Name = laptop.example-vpn.dev -Address = 10.0.0.4/32 -PrivateKey = OPmibSXYAAcMIYKNsWqr77zY06Kl750AEB1nWQi1T2o= -DNS = 1.1.1.1 - -[Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 -PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 -PersistentKeepalive = 25 diff --git a/example-simple-server-to-server/phone/phone.key b/example-simple-server-to-server/phone/phone.key deleted file mode 100644 index a855da1..0000000 --- a/example-simple-server-to-server/phone/phone.key +++ /dev/null @@ -1 +0,0 @@ -WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw= diff --git a/example-simple-server-to-server/phone/phone.key.pub b/example-simple-server-to-server/phone/phone.key.pub deleted file mode 100644 index 0d67922..0000000 --- a/example-simple-server-to-server/phone/phone.key.pub +++ /dev/null @@ -1 +0,0 @@ -VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A= diff --git a/example-simple-server-to-server/phone/setup.sh b/example-simple-server-to-server/phone/setup.sh deleted file mode 100644 index fdbf4f4..0000000 
--- a/example-simple-server-to-server/phone/setup.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -# install wireguard on iOS/Android -echo "Use the iOS App Store / Google Play Store to install WireGuard on your mobile device" diff --git a/example-simple-server-to-server/phone/start.sh b/example-simple-server-to-server/phone/start.sh deleted file mode 100644 index de47355..0000000 --- a/example-simple-server-to-server/phone/start.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -echo "Use the iOS/Android app to load the wg0.conf file and start Wireguard" diff --git a/example-simple-server-to-server/phone/stop.sh b/example-simple-server-to-server/phone/stop.sh deleted file mode 100644 index 4fc7f4a..0000000 --- a/example-simple-server-to-server/phone/stop.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -echo "Use the iOS/Android app to load the wg0.conf file and stop Wireguard" diff --git a/example-simple-server-to-server/phone/wg0.conf b/example-simple-server-to-server/phone/wg0.conf deleted file mode 100644 index 47cf7a1..0000000 --- a/example-simple-server-to-server/phone/wg0.conf +++ /dev/null @@ -1,13 +0,0 @@ -[Interface] -# Name = phone.example-vpn.dev -Address = 10.0.0.5/32 -PrivateKey = WH98AvjKKZ584ZLb69G912bNry2wOda9+kfzm+qbnUw= -DNS = 1.1.1.1 - -[Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 -PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 -PersistentKeepalive = 25 diff --git a/example-simple-server-to-server/public-server1/start.sh b/example-simple-server-to-server/public-server1/start.sh deleted file mode 100644 index 9e6a2fb..0000000 --- a/example-simple-server-to-server/public-server1/start.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -wg-quick up "$PEER_DIR"/wg0.conf -wg show 
diff --git a/example-simple-server-to-server/public-server1/stop.sh b/example-simple-server-to-server/public-server1/stop.sh deleted file mode 100644 index 2faef2c..0000000 --- a/example-simple-server-to-server/public-server1/stop.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -wg-quick down "$PEER_DIR"/wg0.conf -wg show diff --git a/example-simple-server-to-server/public-server1/wg0.conf b/example-simple-server-to-server/public-server1/wg0.conf deleted file mode 100644 index 7e28ae4..0000000 --- a/example-simple-server-to-server/public-server1/wg0.conf +++ /dev/null @@ -1,28 +0,0 @@ -[Interface] -# Name = public-server1.example-vpn.tld -Address = 10.0.0.1/24 -ListenPort = 51820 -PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ= -DNS = 1.1.1.1 - -[Peer] -# Name = public-server2.example-vpn.dev -Endpoint = public-server2.example-vpn.dev:51820 -PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= -AllowedIPs = 10.0.0.2/32 - -[Peer] -# Name = home-server.example-vpn.dev -Endpoint = home-server.example-vpn.dev:51820 -PublicKey = 8bSk5fATxg9qdxbK20iTGdrQ7SWvxIBhxdMo+W54pEg= -AllowedIPs = 10.0.0.3/32 - -[Peer] -# Name = laptop.example-vpn.dev -PublicKey = BV5DjXeCugIrjvEZLo4sZ0hN5wveFTH8kOfZ1AIQ5js= -AllowedIPs = 10.0.0.4/32 - -[Peer] -# Name = phone.example-vpn.dev -PublicKey = VpjKa2MQKXuvttXRwJIe0LLYrtFYGQRTtmt8okUGm3A= -AllowedIPs = 10.0.0.5/32 diff --git a/example-simple-server-to-server/public-server2/start.sh b/example-simple-server-to-server/public-server2/start.sh deleted file mode 100644 index 9e6a2fb..0000000 --- a/example-simple-server-to-server/public-server2/start.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -wg-quick up "$PEER_DIR"/wg0.conf -wg show diff --git a/example-simple-server-to-server/public-server2/stop.sh b/example-simple-server-to-server/public-server2/stop.sh deleted file mode 100644 index 2faef2c..0000000 
--- a/example-simple-server-to-server/public-server2/stop.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -PEER_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -wg-quick down "$PEER_DIR"/wg0.conf -wg show diff --git a/example-simple-server-to-server/public-server2/wg0.conf b/example-simple-server-to-server/public-server2/wg0.conf deleted file mode 100644 index fa8cf16..0000000 --- a/example-simple-server-to-server/public-server2/wg0.conf +++ /dev/null @@ -1,14 +0,0 @@ -[Interface] -# Name = public-server2.example-vpn.dev -Address = 10.0.0.2/32 -ListenPort = 51820 -PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220= -DNS = 1.1.1.1 - -[Peer] -# Name = public-server1.example-vpn.tld -Endpoint = public-server1.example-vpn.tld:51820 -PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= -# routes traffic to itself and entire subnet of peers as bounce server -AllowedIPs = 10.0.0.1/24 -PersistentKeepalive = 25 diff --git a/example-simple-server-to-server/public-server1/public-server1.key b/example-simple-server-to-server/server1/server1.key similarity index 100% rename from example-simple-server-to-server/public-server1/public-server1.key rename to example-simple-server-to-server/server1/server1.key diff --git a/example-simple-server-to-server/public-server1/public-server1.key.pub b/example-simple-server-to-server/server1/server1.key.pub similarity index 100% rename from example-simple-server-to-server/public-server1/public-server1.key.pub rename to example-simple-server-to-server/server1/server1.key.pub diff --git a/example-simple-server-to-server/public-server1/setup.sh b/example-simple-server-to-server/server1/setup.sh similarity index 89% rename from example-simple-server-to-server/public-server1/setup.sh rename to example-simple-server-to-server/server1/setup.sh index b9991f8..385c4d8 100644 --- a/example-simple-server-to-server/public-server1/setup.sh +++ b/example-simple-server-to-server/server1/setup.sh 
@@ -14,4 +14,4 @@ sudo sysctl -p /etc/sysctl.conf iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i wg0 -o wg0 -m conntrack --ctstate NEW -j ACCEPT -iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE +iptables -t nat -A POSTROUTING -s 10.0.44.0/24 -o eth0 -j MASQUERADE diff --git a/example-simple-server-to-server/home-server/start.sh b/example-simple-server-to-server/server1/start.sh similarity index 100% rename from example-simple-server-to-server/home-server/start.sh rename to example-simple-server-to-server/server1/start.sh diff --git a/example-simple-server-to-server/home-server/stop.sh b/example-simple-server-to-server/server1/stop.sh similarity index 100% rename from example-simple-server-to-server/home-server/stop.sh rename to example-simple-server-to-server/server1/stop.sh diff --git a/example-simple-server-to-server/server1/wg0.conf b/example-simple-server-to-server/server1/wg0.conf new file mode 100644 index 0000000..efd9d06 --- /dev/null +++ b/example-simple-server-to-server/server1/wg0.conf @@ -0,0 +1,12 @@ +[Interface] +# Name = server1.example-vpn.tld +Address = 10.0.44.1/24 +ListenPort = 51820 +PrivateKey = 2P/3ll/TxGTjGqwcWnqJMnjwPqGw7oX1RaXlPfsf2FQ= +DNS = 1.1.1.1 + +[Peer] +# Name = server2.example-vpn.dev +Endpoint = server2.example-vpn.dev:51820 +PublicKey = SceMEaVZaZfOGtGXjMsoJjhwxKHkb++9wjxqN1vm32s= +AllowedIPs = 10.0.44.2/32 diff --git a/example-simple-server-to-server/public-server2/public-server2.key b/example-simple-server-to-server/server2/server2.key similarity index 100% rename from example-simple-server-to-server/public-server2/public-server2.key rename to example-simple-server-to-server/server2/server2.key 
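Review bot: The new example-simple-server-to-server/server1/wg0.conf embeds a `PrivateKey` inline, and the same value appears in the public-server1, server and montreal configs elsewhere in this diff. A reader who copies any of these examples verbatim ends up running a tunnel whose private key is published. A comment directly above the line would make that explicit, e.g. `# SAMPLE KEY published in this repository - replace with the output of wg genkey before use`. The new server2/wg0.conf added at the end of the diff needs the same comment. It would also help to note in the file header that a real config holding a private key should not be world-readable.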
diff --git a/example-simple-server-to-server/public-server2/public-server2.key.pub b/example-simple-server-to-server/server2/server2.key.pub similarity index 100% rename from example-simple-server-to-server/public-server2/public-server2.key.pub rename to example-simple-server-to-server/server2/server2.key.pub diff --git a/example-simple-server-to-server/public-server2/setup.sh b/example-simple-server-to-server/server2/setup.sh similarity index 100% rename from example-simple-server-to-server/public-server2/setup.sh rename to example-simple-server-to-server/server2/setup.sh diff --git a/example-simple-server-to-server/laptop/start.sh b/example-simple-server-to-server/server2/start.sh similarity index 100% rename from example-simple-server-to-server/laptop/start.sh rename to example-simple-server-to-server/server2/start.sh diff --git a/example-simple-server-to-server/laptop/stop.sh b/example-simple-server-to-server/server2/stop.sh similarity index 100% rename from example-simple-server-to-server/laptop/stop.sh rename to example-simple-server-to-server/server2/stop.sh diff --git a/example-simple-server-to-server/server2/wg0.conf b/example-simple-server-to-server/server2/wg0.conf new file mode 100644 index 0000000..5758827 --- /dev/null +++ b/example-simple-server-to-server/server2/wg0.conf @@ -0,0 +1,12 @@ +[Interface] +# Name = server2.example-vpn.dev +Address = 10.0.44.2/32 +ListenPort = 51820 +PrivateKey = eDwURfg8PhpUAdPp+OA9pQ5oZQYqGqY3LToUORMh220= +DNS = 1.1.1.1 + +[Peer] +# Name = server1.example-vpn.tld +Endpoint = server1.example-vpn.tld:51820 +PublicKey = q/+jwmL5tNuYSB3z+t9Caj00Pc1YQ8zf+uNPu/UE1wE= +AllowedIPs = 10.0.44.1/24