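Interconnecting 2 hosts through a gateway using WireGuard

Time: 2019-05-22 12:22:12

Tags: wireguard

I have 3 VPS servers with public IPs; let's call them wireguard1, wireguard2 and wireguard3.

I have successfully connected wireguard1 and wireguard2 using the following DigitalOcean tutorial. Then I successfully connected wireguard1 and wireguard3.

The configuration files are as follows:

On wireguard1: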

[Interface]
Address = 10.0.0.1/24
SaveConfig = true
ListenPort = 5555
PrivateKey = <wireguard1 private key>

[Peer]
PublicKey = <wireguard2 public key>
AllowedIPs = 10.0.0.2/32
Endpoint = <wireguard2 public ip address>:5555

[Peer]
PublicKey = <wireguard3 public key>
AllowedIPs = 10.0.0.3/32
Endpoint = <wireguard3 public ip address>:5555

On wireguard2:

[Interface]
Address = 10.0.0.2/24
SaveConfig = true
ListenPort = 5555
PrivateKey = <wireguard2 private key>

[Peer]
PublicKey = <wireguard1 public key>
AllowedIPs = 10.0.0.0/24
Endpoint = <wireguard1 public ip address>:5555

wireguard3:

[Interface]
Address = 10.0.0.3/24
SaveConfig = true
ListenPort = 5555
PrivateKey = <wireguard3 private key>

[Peer]
PublicKey = <wireguard1 public key>
AllowedIPs = 10.0.0.0/24
Endpoint = <wireguard1 public ip address>:5555

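I can ping wireguard1 (10.0.0.1) from wireguard2 (10.0.0.2) and vice versa, so that works. I can ping wireguard1 (10.0.0.1) from wireguard3 (10.0.0.3) and vice versa, so that works.

However, I cannot ping wireguard2 (10.0.0.2) from wireguard3 (10.0.0.3) and vice versa. I could indeed reference wireguard3 in a [Peer] section on wireguard2, but I would like to find a solution where all traffic goes through wireguard1.

I thought setting AllowedIPs to 10.0.0.0/24 would do the trick, but it does not seem to work.

Is there a working solution?

1 answer:

Answer 0: (score: 0)

I had the same problem for a while. It seems you need every peer to have the public keys of all the other clients for this to work. However, I'm not sure whether they all need an Endpoint. For your configuration, it would look like this:

On wireguard1: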

[Interface]
Address = 10.0.0.1/24
SaveConfig = true
ListenPort = 5555
PrivateKey = <wireguard1 private key>

[Peer]
PublicKey = <wireguard2 public key>
AllowedIPs = 10.0.0.2/32
Endpoint = <wireguard2 public ip address>:5555

[Peer]
PublicKey = <wireguard3 public key>
AllowedIPs = 10.0.0.3/32
Endpoint = <wireguard3 public ip address>:5555

On wireguard2:

[Interface]
Address = 10.0.0.2/24
SaveConfig = true
ListenPort = 5555
PrivateKey = <wireguard2 private key>

[Peer]
PublicKey = <wireguard1 public key>
AllowedIPs = 10.0.0.1/32
Endpoint = <wireguard1 public ip address>:5555

[Peer]
PublicKey = <wireguard3 public key>
AllowedIPs = 10.0.0.3/32
Endpoint = <wireguard3 public ip address>:5555

wireguard3:

[Interface]
Address = 10.0.0.3/24
SaveConfig = true
ListenPort = 5555
PrivateKey = <wireguard3 private key>

[Peer]
PublicKey = <wireguard1 public key>
AllowedIPs = 10.0.0.1/32
Endpoint = <wireguard1 public ip address>:5555

[Peer]
PublicKey = <wireguard2 public key>
AllowedIPs = 10.0.0.2/32
Endpoint = <wireguard2 public ip address>:5555
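
An added example (not part of the original question or answer): a small Python model of how WireGuard uses AllowedIPs, for choosing the outbound peer and for filtering the source address of inbound packets, traced over the two sets of configs above. The `hub_forwarding` flag is an assumption standing in for kernel IP forwarding (`net.ipv4.ip_forward`) on wireguard1, which the page does not mention; the function names are hypothetical.

```python
import ipaddress

def net(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]

# AllowedIPs per host and peer, copied from the two sets of configs on this page.
QUESTION = {
    "wireguard1": {"wireguard2": net(["10.0.0.2/32"]), "wireguard3": net(["10.0.0.3/32"])},
    "wireguard2": {"wireguard1": net(["10.0.0.0/24"])},
    "wireguard3": {"wireguard1": net(["10.0.0.0/24"])},
}
ANSWER = {
    "wireguard1": {"wireguard2": net(["10.0.0.2/32"]), "wireguard3": net(["10.0.0.3/32"])},
    "wireguard2": {"wireguard1": net(["10.0.0.1/32"]), "wireguard3": net(["10.0.0.3/32"])},
    "wireguard3": {"wireguard1": net(["10.0.0.1/32"]), "wireguard2": net(["10.0.0.2/32"])},
}
ADDR = {"wireguard1": "10.0.0.1", "wireguard2": "10.0.0.2", "wireguard3": "10.0.0.3"}

def pick_peer(peers, dst):
    """Outbound: the peer whose AllowedIPs has the longest prefix covering dst."""
    dst = ipaddress.ip_address(dst)
    hits = [(n.prefixlen, name) for name, nets in peers.items() for n in nets if dst in n]
    return max(hits)[1] if hits else None

def accepts(peers, from_peer, src):
    """Inbound: a decrypted packet is kept only if src is in the sending peer's AllowedIPs."""
    src = ipaddress.ip_address(src)
    return any(src in n for n in peers.get(from_peer, []))

def trace(cfg, src_host, dst_host, hub_forwarding):
    """Return the hosts a packet visits, ending with 'delivered' or a drop reason."""
    src, dst = ADDR[src_host], ADDR[dst_host]
    path, here = [src_host], src_host
    for _ in range(len(cfg)):  # bounded hop count, so a bad table cannot loop forever
        if here == dst_host:
            return path + ["delivered"]
        # Assumption: an intermediate host relays only if kernel forwarding is on.
        if here != src_host and not hub_forwarding:
            return path + ["dropped: forwarding disabled on " + here]
        nxt = pick_peer(cfg[here], dst)
        if nxt is None:
            return path + ["dropped: no peer for " + dst]
        if not accepts(cfg[nxt], here, src):
            return path + ["dropped: %s rejects source %s from %s" % (nxt, src, here)]
        path.append(nxt)
        here = nxt
    return path + ["dropped: routing loop"]
```

Calling `trace(QUESTION, "wireguard3", "wireguard2", hub_forwarding=False)` and then with `True` shows where the relayed packet stops in each case; with `ANSWER` the packet goes directly between the two hosts and never touches wireguard1.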