Wireguard VPN On Raspberry Pi
Ғылым және технология
Setting up Wireguard VPN between a couple of Raspberry Pi's. Included is the config for both IPv4 and IPv6.
test
wg-quick up wg0
wg-quick down wg0
auto start
systemctl start wg-quick@wg0
systemctl enable wg-quick@wg0
Пікірлер: 41
Great video, nice explanation. Scott has quality IT support with the benefit of offsite CCTV storage!
Man. You present it very well - no fuzz - real quick. Fortunately youtube has a back arrow. . Ill check out your video on your nftables stuff in there. Thanks for making this - it is very useful
@TallPaulTech
2 ай бұрын
I do like nftables
I hope ya know that i have learnt more from you in this video alone then i have within my whole 12 years of schooling. keep up the great vids. -Your second favorite store clerk
Awesome simple explained. Thank you
Great vid thanks
Wait, she was dumpster diving? 😂 Another great video, Thankyou
I’m planning on building a vpn server at my and 2 other friends houses. We have a lot of files we share across multiple NASes and want to duplicate them as well as remote vpn access. Just waiting for the others to get fiber!
Im running wireguard sever in container on cloud server with nginx reverse proxy. Currently its all running in ipv4 and works great. Im trying to add ipv6 support and most importantly without using nat. This setup is bit confusing and would be great if you have some idea?
Great video. In your example of the workshop footage coming to your location, wouldn't you also have to configure port-forwarding on your router to redirect the 51820 traffic to the desired endpoint device for storage?
@TallPaulTech
4 ай бұрын
Why did you edit asking how to make it come up at boot? Now nobody will know!
@darrenoleary5952
4 ай бұрын
@@TallPaulTechi ended up working it out about 5 minutes later.
Wireguard is nice but there's the chance that, while you're out and about and need to do something on your home network (or just want a secure tunnel), almost all untrusted networks you'll connect to will block Wireguard traffic as it's not obfuscated in any way by default. My job does this on both the internal network and guest network and I have no way of circumventing that issue unless I use some other VPN protocol that they can't outright block due to them using it as well.
@TallPaulTech
Жыл бұрын
Well they could do that for any protocol
@FatherlyFox
Жыл бұрын
@@TallPaulTech of course they can, but I've seen Wireguard blocked more than any other VPN protocol I've used; works wonders over cellular though, chose to stick with Wireguard vs L2TP/OpenVPN/SoftEther/etc just because of the speed benefit and ease of use.
@LampJustin
Жыл бұрын
@@FatherlyFox try setting the port to 443. That's should make it work unless they use some good ids/ips. Thanks to google HTTPS traffic can flow over udp with the quick protocol, so WireGuards udp traffic should be fine.
@FatherlyFox
Жыл бұрын
@@LampJustin I mean I could do that but it isn't that hard to detect unobfuscated Wireguard packets; setting it to UDP 443 alone would not help, it would require some sort of wrapping program on both ends to actually try and obfuscate the traffic. Also considering my workplace (retail store) doesn't have control over their outbound network, they use parts of the US-DOD 6.0.0.0/8 and 7.0.0.0/8 networks for some reason, I would expect heavy DPI to be in place.
You should try zero tier one it’s even simplier to config
@garylovesbeer
Жыл бұрын
Limited number of clients unless you want to subscribe.
@josedavid6400
Жыл бұрын
@@garylovesbeer yeah 25 nodes maybe not much. Always can make your own install on-premise
Nice, all I need to know now is how to setup the NFT and I'm away
@TallPaulTech
Жыл бұрын
Well then, you'd best check out my video on the matter
@georgehavey
Жыл бұрын
I'm not sure you need a NFT, in my experience wireguard's allowedIP does it for you. Possible you might need to use one of WG post up commands to enable the masquerading though.
Why not tailscale?
@TallPaulTech
Жыл бұрын
kzread.info/dash/bejne/mmt-0divnJqterQ.html
@garylovesbeer
Жыл бұрын
@@TallPaulTech lol
my conspiracy theory is that services like nord vpn are honey pots, where anyone with a want to be anonymous/ish on the internet will pay for all their internet to go through a intelligence service operated "vpn" ... creating your own vpn is probably a lot better an option for everyone, even if your experience will be limited by their upload speed,
@TallPaulTech
Жыл бұрын
That wouldn't surprise me
@OH2023-cj9if
6 ай бұрын
WeVPN was taken over by law enforcement! When will people learn, a VPN inspects, manipulates and sells Data. They are required by Law to hand over information and they lie about logging data. They log by Law in the UK, for all UK data. The server hosts also log and provide traffic to Law enforcement. They don't keep your data private.
Love @NuggetGarage :)
@TallPaulTech
Жыл бұрын
They're not too good with trumpets
@markwalters0
Жыл бұрын
@@TallPaulTech Vid idea: say you wanted to access the security cameras from a mobile from outside the wan, how would you do it?
@TallPaulTech
Жыл бұрын
Easy. Just VPN to my house, then look at them on Home Assistant