Changes

Template:Networking rutos manual vpn (view source)

Revision as of 10:51, 16 April 2024

356 bytes added ,  16 April
no edit summary
Line 2,091: Line 2,091:  
WireGuard works by adding an interface which acts as a tunnel. To create one enter its name and click the <b>Add</b> button. This should add a new Wireguard instance and open a configuration window.
 
WireGuard works by adding an interface which acts as a tunnel. To create one enter its name and click the <b>Add</b> button. This should add a new Wireguard instance and open a configuration window.
   −
[[File:Networking_rutx_vpn_wireguard_v1.png|border|class=tlt-border]]
+
[[File:Networking_rutx_vpn_wireguard_v2.png|border|class=tlt-border]]
    
===General Instance Settings===
 
===General Instance Settings===
Line 2,099: Line 2,099:  
Private keys and generate them, specify Port and IP addresses for communication.
 
Private keys and generate them, specify Port and IP addresses for communication.
   −
[[File:Networking_rutx_vpn_wireguard_instance_general_v1.png|border|class=tlt-border]]
+
[[File:Networking_rutx_vpn_wireguard_instance_general_v3.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 2,114: Line 2,114:  
     <tr>
 
     <tr>
 
     <td>Private Key</td>
 
     <td>Private Key</td>
         <td>string; default: <b>none</b></td>
+
         <td>string; default: <b>-</b></td>
 
         <td>Private Key used in authentication.</td>
 
         <td>Private Key used in authentication.</td>
 
     </tr>
 
     </tr>
Line 2,145: Line 2,145:  
Advanced Settings section contains Metric and MTU configuration for this WireGuard interface.
 
Advanced Settings section contains Metric and MTU configuration for this WireGuard interface.
   −
[[File:Networking_rutos_vpn_wireguard_instance_advanced_v2.png|border|class=tlt-border]]
+
[[File:Networking_rutos_vpn_wireguard_instance_advanced_v3.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 2,156: Line 2,156:  
     <td>Metric</td>
 
     <td>Metric</td>
 
         <td>positive integer; default: <b>none</b></td>
 
         <td>positive integer; default: <b>none</b></td>
         <td>Specify metric for this tunnel interface. Lower number means higher priority.</td>
+
         <td>Specify (Optional) metric for this tunnel interface. Lower number means higher priority.</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Listen port</td>
 +
        <td>integer [1..65535]; default: <b>51820</b></td>
 +
        <td>Required. UDP port used for outgoing and incoming packets.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
     <td>MTU</td>
 
     <td>MTU</td>
 
         <td>integer [1280..1420]; default: <b>none</b></td>
 
         <td>integer [1280..1420]; default: <b>none</b></td>
         <td>Maximum Transmission Unit for this tunnel interface.</td>
+
         <td>Optional. Maximum Transmission Unit of tunnel interface. Range [68 to 9200]. If not specified, the MTU is automatically determined by physical interface MTU value.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
     <td>DNS servers</td>
 
     <td>DNS servers</td>
         <td>ip | ips; default: <b>none</b></td>
+
         <td>ip; default: <b>none</b></td>
 
         <td>DNS server(s) for this Wireguard interface.</td>
 
         <td>DNS server(s) for this Wireguard interface.</td>
 
     </tr>
 
     </tr>
Line 2,174: Line 2,179:  
----
 
----
   −
The Peers section is used to create and configure all the peers for this interface.  
+
The Peers section is used to create and configure all the peers for this interface. To create one enter its name and click the <b>Add</b> button.
To create one enter its name and click the <b>Add</b> button.  
+
 
To configure it click the <b>Edit</b> [[File:Networking_rutx_manual_edit_button_v1.png]] button.
+
[[File:Networking_rutx_vpn_wireguard_instance_peer_v3.png|border|class=tlt-border]]
[[File:Networking_rutx_vpn_wireguard_instance_peer_v2.png|border|class=tlt-border]]
        Line 2,185: Line 2,189:  
In the General section of Peer instance you can configure basic information about the endpoint to allow communications.   
 
In the General section of Peer instance you can configure basic information about the endpoint to allow communications.   
   −
[[File:Networking_rutos_vpn_wireguard_instance_peer_instance_general_v2.png|border|class=tlt-border]]
+
[[File:Networking_rutos_vpn_wireguard_instance_peer_instance_general_v3.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 2,196: Line 2,200:  
     <td>Public Key</td>
 
     <td>Public Key</td>
 
         <td>string; default: <b>none</b></td>
 
         <td>string; default: <b>none</b></td>
         <td>Endpoint's Public Key.</td>
+
         <td>Base64-encoded public key of peer.</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Endpoint host</td>
 +
        <td>domain name {{!}} ip; default: <b>none</b></td>
 +
        <td>Host of peer. Names are resolved prior to bringing up the interface.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
     <td>Allowed IPs</td>
 
     <td>Allowed IPs</td>
 
         <td>ip; default: <b>none</b></td>
 
         <td>ip; default: <b>none</b></td>
         <td>A single IP address or a list of them which are allowed to communicate with this peer.</td>
+
         <td>IP addresses and prefixes that this peer is allowed to use inside the tunnel. Usually the peer's tunnel IP addresses and the networks the peer routes through the tunnel.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
Line 2,211: Line 2,220:  
       <td>Route Allowed IPs</td>
 
       <td>Route Allowed IPs</td>
 
         <td>off {{!}} on; default: <b>off</b></td>
 
         <td>off {{!}} on; default: <b>off</b></td>
         <td>Enable to create routes for <b>Allowed IPs</b> for this peer.</td>
+
         <td>Create routes for Allowed IPs for this peer.</td>
 
     </tr>
 
     </tr>
 
</table>
 
</table>
Line 2,222: Line 2,231:  
settings such as its Description, Endpoint Host and Port, Preshared Key and other.  
 
settings such as its Description, Endpoint Host and Port, Preshared Key and other.  
 
See more information below.  
 
See more information below.  
[[File:Networking_rutx_vpn_wireguard_instance_peer_instance_advanced_v1.png|border|class=tlt-border]]
+
[[File:Networking_rutx_vpn_wireguard_instance_peer_instance_advanced_v2.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 2,231: Line 2,240:  
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
     <td>Description</td>
+
     <td>Tunnel source</td>
         <td>string; default: <b>none</b></td>
+
         <td>Any {{!}} LAN {{!}} WAN {{!}} Mobile; default: <b>Any</b></td>
         <td>Description of this peer.</td>
+
         <td>Interface to bind this instance to.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
Line 2,239: Line 2,248:  
         <td>string; default: <b>none</b></td>
 
         <td>string; default: <b>none</b></td>
 
         <td>Base64-encoded preshared key. Adds in an additional layer of symmetric-key cryptography for post-quantum resistance.</td>
 
         <td>Base64-encoded preshared key. Adds in an additional layer of symmetric-key cryptography for post-quantum resistance.</td>
    </tr>
  −
    <tr>
  −
      <td>Route Allowed IPs</td>
  −
        <td>off {{!}} on; default: <b>off</b></td>
  −
        <td>Enable to create routes for <b>Allowed IPs</b> for this peer.</td>
  −
    </tr>
  −
    <tr>
  −
    <td>Endpoint Host</td>
  −
        <td>ip {{!}} url; default: <b>none</b></td>
  −
        <td>IP or URL of Remote Endpoint.</td>
   
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
     <td>Endpoint Port</td>
 
     <td>Endpoint Port</td>
         <td>integer [0..65535]; default: <b>none</b></td>
+
         <td>integer [1..65535]; default: <b>none</b></td>
 
         <td>Specify port to connect to Remote Endpoint. It will be set to <b>51820</b> if left empty.</td>
 
         <td>Specify port to connect to Remote Endpoint. It will be set to <b>51820</b> if left empty.</td>
 
     </tr>
 
     </tr>
Line 2,258: Line 2,257:  
     <td>Persistent Keep Alive</td>
 
     <td>Persistent Keep Alive</td>
 
         <td>integer [0..65535]; default: <b>none</b></td>
 
         <td>integer [0..65535]; default: <b>none</b></td>
         <td>Specify time amount in seconds between Keep Alive messages. By default this option is <b>0</b> which means it is disabled. Recommended value for a device behind NAT is 25.</td>
+
         <td>Seconds between keep alive messages. Default is 0 (disabled). Recommended value if this device is behind a NAT is 25. Range [0 to 65535].</td>
 +
    </tr>
 +
    <tr>
 +
    <td>Routing table</td>
 +
        <td>string; default: <b>none</b></td>
 +
        <td>Defines which routing table to use for this peer routes, not necessary to configure for most setups..</td>
 
     </tr>
 
     </tr>
 
</table>
 
</table>
Retrieved from "https://wiki.teltonika-networks.com/view/Special:MobileDiff/123758"

Navigation menu