This is an old revision of the document!
Install VPN-Server on Debian 9.x
Ausgangslage:
LAN Network=192.168.1.0/24
VPN Network=192.168.100.0/24
VPN Port=53666/UDP
# echo "deb http://deb.debian.org/debian/ unstable main" > /etc/apt/sources.list.d/unstable.list # printf 'Package: *\nPin: release a=unstable\nPin-Priority: 90\n' > /etc/apt/preferences.d/limit-unstable # apt-get update # apt-get install wireguard linux-headers-$(uname -r) # reboot # umask 077 && cd /etc/wireguard/ # wg genkey > wg0.conf
# vim /etc/wireguard/wg0.conf
[Interface] Address = 192.168.100.1/24 SaveConfig = true PostUp = iptables -I FORWARD -i wg0 -j ACCEPT; iptables -I FORWARD -o wg0 -j ACCEPT PostDown = iptables -F FORWARD ListenPort = 53666 PrivateKey = INVH3hPTDtaQVB7TkGy/qLMeEgbiiUjV2PbPF0B4+ns=
# sysctl net.ipv4.ip_forward=1
# vim /etc/sysctl.d/99-sysctl.conf
# sysctl settings are defined through files in # /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/. # # Vendors settings live in /usr/lib/sysctl.d/. # To override a whole file, create a new file with the same in # /etc/sysctl.d/ and put new settings there. To override # only specific settings, add a file with a lexically later # name in /etc/sysctl.d/ and put new settings there. # # For more information, see sysctl.conf(5) and sysctl.d(5). net.ipv4.ip_forward=1
# sysctl -p # systemctl start wg-quick@wg0.service # systemctl enable wg-quick@wg0.service
# wg
interface: wg0 public key: g5C+DlBfxAzk+QHU6wSDC9PGKoSHTf5j9NC9fBQcrks= private key: (hidden) listening port: 53666