This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Programming Technical chat Use Docker to build WireGuard geonetworking
View: 6533|Reply: 2

Use Docker to build WireGuard geonetworking

[Copy link]
Posted on 2023-10-14 17:36:49 | | | |
Requirements: Based on WireGuard, multiple remote devices can be formed into a local area network, and each device can access each other, for example, a computer from Shanghai Mobile and a computer from Shandong Unicom can access each other, as shown in the figure below:




Compare Tailscale, ZeroTier, WireGuard, OmniEdge, and Ngrok for geo-networking solutions
https://www.itsvse.com/thread-10646-1-1.html



WireGuard is an extremely simple yet fast and modern VPN with state-of-the-art encryption. Its goal is to be faster, simpler, leaner, and more useful than IPsec while avoiding headaches. Its performance is much higher than OpenVPN. WireGuard is designed to be a general-purpose VPN that runs on embedded interfaces and supercomputers, making it suitable for many different situations. Originally released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It's currently in heavy development, but it's probably already considered the most secure, easy-to-use, and simplest VPN solution in the industry.

Official Website:The hyperlink login is visible.
Source:The hyperlink login is visible.



Docker WireGuard Images:The hyperlink login is visible.
Docker WireGuard source code:The hyperlink login is visible.

This article is based on Docker to run WireGuard, and when starting the wg-easy container with CentOS 7, the error is as follows:


Error: WireGuard exited with the error: Cannot find device "wg0"
This usually means that your host's kernel does not support WireGuard!
So, replace an Ubuntu 20.04 system and install the docker service with the following command:

An example of running a WireGuard container is as follows:

$ docker run -d \
  --name=wg-easy \
  -e WG_HOST=YOUR_SERVER_IP \
  -e PASSWORD=YOUR_ADMIN_PASSWORD \
  -v ~/.wg-easy:/etc/wireguard \
  -p 51820:51820/udp \
  -p 51821:51821/tcp \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  --sysctl="net.ipv4.conf.all.src_valid_mark=1" \
  --sysctl="net.ipv4.ip_forward=1" \
  --restart unless-stopped \
  weejewel/wg-easy
You need to modify and add environment variables: WG_HOST, PASSWORD, WG_DEFAULT_DNS, WG_PERSISTENT_KEEPALIVE, and the modified command is as follows:

The Cloud Server Firewall security group needs to be released:UDP/51820,TCP/51821Port.

Then access it through your browser:http://ip:51821/As shown below:



Create two new clients, and then download the configuration file, Home1 corresponds to Shanghai Mobile, and Home2 corresponds to Shandong Unicom, as shown in the figure below:



Shanghai Mobile and Shandong Unicom are both Windows devices, you need to download the Windows installer, download address:The hyperlink login is visible.

Tourists, if you want to see the hidden content of this post, pleaseReply


Example profile:



After Shanghai Mobile and Shandong Unicom download and install them, import the WireGuard configuration files respectively, as shown in the figure below:



Another computer imports another configuration file and connects. (omitted)

Test accessing the web service on the 10.8.0.3 computer from 10.8.0.2 as shown in the following figure:



(End)




Previous:Alibaba Cloud ECS and Lightweight Cloud Server interoperate with the regional intranet
Next:The difference between Linux package management yum and dnf

Related Posts
 Landlord| Posted on 2023-10-15 14:15:59 |
WireGuard-based access to peer LAN access
https://www.itsvse.com/thread-10683-1-1.html
Posted on 2023-10-16 17:19:27 |
Learn to learn
Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com