3103f31ccdc99c9ce2577c426dc13126c5a386fa
howto/vyos.md
| ... | ... | @@ -14,11 +14,12 @@ _1.3-rolling-202004300117 is a known good release to work with Wireguard and DN4 |
| 14 | 14 | |
| 15 | 15 | |
| 16 | 16 | ##Wireguard |
| 17 | -1. First we need to setup keys. |
|
| 18 | -`generate wireguard default-keypair` |
|
| 19 | -2. Grab your public key and save it for later. This will be shared with peers. |
|
| 17 | +###Setup Keys |
|
| 18 | +`generate wireguard default-keypair` |
|
| 20 | 19 | `show wireguard keypairs pubkey default` |
| 21 | -3. Next we need to configure our peer. They should have provided their endpoint public IP, port, DN42 address, and public wireguard key. |
|
| 20 | +_Grab your public key and save it for later. This will be shared with peers._ |
|
| 21 | +###Configure Peer Tunnel |
|
| 22 | +_They should have provided their endpoint public IP, port, DN42 address, and public wireguard key._ |
|
| 22 | 23 | `set interfaces wireguard wg01 address '172.x.x.x/32'` |
| 23 | 24 | _this is a single address within your DN42 registered address space_ |
| 24 | 25 | `set interfaces wireguard wg01 peer OtherGuy1 allowed-ips '0.0.0.0/0''` |
| ... | ... | @@ -31,7 +32,8 @@ _the configured port on your peers endpoint_ |
| 31 | 32 | _your peers public wireguard key_ |
| 32 | 33 | `set interfaces wireguard wg01 port '12345'` |
| 33 | 34 | _the port your wireguard endpoint will "listen" on_ |
| 34 | -4. In case you are wondering how you are going to route packets anywhere with a /32, the next command explains it all. |
|
| 35 | +###Set Static Route |
|
| 36 | +_In case you are wondering how you are going to route packets anywhere with a /32, the next command explains it all._ |
|
| 35 | 37 | `set protocols static interface-route 172.x.x.x/32 next-hop-interface wg01` |
| 36 | 38 | _this is a single provided address by your peer that is assigned to them in the registry_ |
| 37 | 39 |