基于 Centos 7 的 wireguard安装

一、官网安装wireguard的三种方式

    1、a signed module is available as built-in to CentOS's kernel-plus:

$ sudo yum install yum-utils epel-release
$ sudo yum-config-manager --setopt=centosplus.includepkgs=kernel-plus --enablerepo=centosplus --save
$ sudo sed -e 's/^DEFAULTKERNEL=kernel$/DEFAULTKERNEL=kernel-plus/' -i /etc/sysconfig/kernel
$ sudo yum install kernel-plus wireguard-tools
$ sudo reboot

   2、 users wishing to stick with the standard kernel may use ELRepo's pre-built module:

$ sudo yum install epel-release elrepo-release
$ sudo yum install yum-plugin-elrepo
$ sudo yum install kmod-wireguard wireguard-tools

  3、 users running non-standard kernels may wish to use the DKMS package instead:

$ sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
$ sudo curl -o /etc/yum.repos.d/jdoss-wireguard-epel-7.repo https://copr.fedorainfracloud.org/coprs/jdoss/wireguard/repo/epel-7/jdoss-wireguard-epel-7.repo
$ sudo yum install wireguard-dkms wireguard-tools

二、配置网络环境,确保防火墙放行UDP协议 port 51820

sudo firewall-cmd --zone=public --add-port=51820/udp --permanent
sudo firewall-cmd --reload

三、生成服务器端key

wg genkey | tee server.key | wg pubkey > server.pub

四、配置服务器端

复制代码
vim /etc/wireguard/wg0.conf

[Interface] 
Address = 10.0.0.1/24 #配置服务器IP 
ListenPort = 51820 # 端口 PrivateKey = <server.key中的私钥>

[Peer] 
PublicKey = <客户端公钥> 
AllowedIPs = 10.0.0.2/32 #客户端网段
复制代码

五、启动服务端

systemctl enable wg-quick@wg0 
systemctl start wg-quick@wg0

#sudo wg-quick up wg0
#sudo wg-quick down wg0

六、生成客户端key

wg genkey | tee client.key | wg pubkey > client.pub

七、配置客户端

复制代码
vim /etc/wireguard/wg0.conf

[Interface] 
Address = 10.0.0.2/24 #配置客户端IP 
PrivateKey = <client.key中的私钥>

[Peer] 
PublicKey = <服务器端的公钥> 
Endpoint = <服务器IP>:51820 
AllowedIPs = 0.0.0.0/0,::/0 #允许经过的流量
复制代码

八、启动客户端

systemctl enable wg-quick@wg0 
systemctl start wg-quick@wg0
#sudo wg-quick up wg0
#sudo wg-quick down wg0

九、检查连接状态

sudo wg show

设置路由
#使客户端所有流量通过wireguard

ip route add 0.0.0.0/0 dev wg0

#配置服务器路由,使客户端流量可以访问到服务器

ip route add 10.0.0.0/24 dev wg0

posted @   没有头发  阅读(2504)  评论(0编辑  收藏  举报
相关博文:
· 记录搭建workpress
· Centos7 yum更新内核并开启bbr
· Centos 7 下安装 Wireguard
· Centos安装wireguard VPN
· wireguard 安装配置
阅读排行:
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· 开源Multi-agent AI智能体框架aevatar.ai,欢迎大家贡献代码
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· AI技术革命,工作效率10个最佳AI工具
点击右上角即可分享
微信分享提示