Typo below:
- 2) "Restart WireGuard VPN" takes << 1 second (using "syncconf"), no
noticeable impact at all, even when editing the AllowedIPs of the peer tunnel
used for
+ 2) "Reload WireGuard VPN" takes << 1 second (using "syncconf"), no noticeable
impact at all, even when editing the AllowedIP
> Will this be in 1.3.6?
It looks like it will, I'm testing ... Exactly what will be the final solution
upstream is to be determined, Jason considered moving the "syncconf" code into
the standard "setconf". Jason's thoughts are here:
https://lists.zx2c4.com/pipermail/wireguard/2019-June/004225
Thanks Lonnie.
Awesome news as I am looking to build my entire Astlinux network around
Wireguard and this was a big issue especially since I didn't realise that wg
setconf interrupted active tunnels (whoops).
Will this be in 1.3.6?
Regards
Michael Knill
On 13/6/19, 1:35 pm, "Lonnie Abelbeck"
Hi Michael,
> On Jun 8, 2019, at 10:28 PM, Michael Knill
> wrote:
>
> Hi Lonnie
>
> I have overcome having to reset Wireguard by adding it to the configuration
> and then adding the peer from the command line as follows:
> wg set wg0 peer allowed-ips
> /32
>
> Seems to work fine. May be wo
gt;> # Peer 1
>>> PublicKey = ###
>>> AllowedIPs = 172.29.202.1/32
>>>
>>> [Peer]
>>> # Peer 2
>>> PublicKey = ###
>>> AllowedIPs = 172.29.202.2/32. >
>>>
>>> [Peer
#
>>> AllowedIPs = 172.29.201.2/32 >
>>>
>>> [Peer]
>>> # Peer 200
>>> PublicKey = ###
>>> AllowedIPs = 172.29.201.200/32
>>>
>>>
>>> -- Secondary Server --
>>> gui.wireguard.conf:
>>> WIREGUARD_IP=&qu
> ip addr add 172.29.202.1/24 dev wg0
>>
>> wg0.peer:
>> [Peer]
>> # Management Server
>> PublicKey = ###
>> Endpoint = management01.ipcaccess.net
>> AllowedIPs = 172.29.200.254/32
>> PersistentKeepa
; WIREGUARD_IP="172.29.253.1"
>> WIREGUARD_NM="255.255.255.0"
>>
>> rc.elocal:
>> # Add Secondary IP Addresses to wg0
>> ip addr add 172.29.200.1/24 dev wg0
>> ip addr add 172.29.201.1/24 dev wg0
>> ip addr add 172.29.202.1/24 d
keepalive required as SIP Options ping will keep it up
>
> [Peer]
> # Secondary Server
> PublicKey = ###
> Endpoint = secondary01.ipcaccess.net
> AllowedIPs = 172.29.202.254/32
> # No keepalive required as SIP Options ping will keep it up
>
gt; # Secondary Server
> PublicKey = ###
> Endpoint = secondary01.ipcaccess.net
> AllowedIPs = 172.29.202.254/32
> # No keepalive required as SIP Options ping will keep it up
>
> [Peer]
> # Another Astlinux box peering to us
> PublicKey = ###
> AllowedIPs = 172.29.253.2/3
--
Can anyone see problems with this configuration?
Regards
Michael Knill
From: David Kerr
Reply-To: AstLinux List
Date: Tuesday, 1 January 2019 at 6:21 pm
To: AstLinux List
Subject: Re: [Astlinux-users] Multiple wg interfaces
Michael,
A single wg interface can have multiple IP addresses. Th
-To: AstLinux List
Date: Tuesday, 1 January 2019 at 6:21 pm
To: AstLinux List
Subject: Re: [Astlinux-users] Multiple wg interfaces
Michael,
A single wg interface can have multiple IP addresses. They can be different
subnets too. You will have to manually edit the config files.
David.
On Tue
Hi Michael,
You can do a lot with a single wg0 interface, and makes the routing and
firewall forwarding easier to keep track of.
> Here is my scenario. I have primary and backup Wireguard VPN Peers that
> multiple Astlinux boxes will be connecting to.
I'm not sure what you are describing, som
Michael,
A single wg interface can have multiple IP addresses. They can be
different subnets too. You will have to manually edit the config files.
David.
On Tue, Jan 1, 2019 at 6:37 AM Michael Knill <
michael.kn...@ipcsolutions.com.au> wrote:
> Hi group
>
>
>
> Here is my scenario. I have pri
Hi group
Here is my scenario. I have primary and backup Wireguard VPN Peers that
multiple Astlinux boxes will be connecting to.
I assume that I will need different wgx interfaces for this as I cant have the
same IP Address.
If so, just wondering how to set this up in Astlinux?
Regards
Michael K
15 matches
Mail list logo
