Kana wakagadzira tekinoroji diki kumba ine NAS, sevha yeLinux, kana komputa yakadzokororwa yakazara nemasevhisiNdine chokwadi chekuti wakasangana nedambudziko rimwe chete: zvese zvinoshanda zvakanaka paunenge uri paWi-Fi yako, asi kana wangobva pamba, kanganwa nezvazvo. Haugone kuwana maapplication ako, mafaira, kana makamera eIP usina kunetseka nematambudziko ekugadzirisa port, matambudziko eDDNS, uye njodzi dzekuchengetedza, kana kushandisa... Inokurudzirwa maVPN eAndroid.
Nzira iri nyore uye yakachengeteka yekugadzirisa izvi ndeyekugadzira VPN neWireGuard uye batanidza kubva kuAndroid (uye kubva kune chero chimwe chishandiso). Nenzira iyi unogona kushandisa network yako yekumba sekunge uripo panyama, kunyangwe kana ISP yako ichishandisa CGNAT kana kuti une topology yenetwork yakaoma. Ngatizvitarise nhanho nhanho: kubva pane chinonzi WireGuard, maitiro ekuiisa paLinux (kana neDocker nemapaneru akaita seEasyPanel/WireGuard Easy) uye maitiro ekugadzirisa kuti iwane LAN yako uye Shandisa VPN paAndroid uye tsvaga zvakachengeteka kubva pafoni yako.
Chii chinonzi WireGuard uye nei chakanakira VPN yekumba?
WireGuard inzira yeVPN yemazuva ano, minimalist, uye inokurumidza zvikuru. izvo zvakachinja zvachose marongero ema network epachivande chaiwo. Kusiyana nemadinosaur akaita seOpenVPN kana IPsec, yakagadzirwa kubva pasi kuti ive nyore kugadzirisa, ive nyore kuongorora, uye inoshanda zvakanyanya.
Kodhi yayo idiki kwazvo (zvichienderana ne mitsara mishomananaIzvi zvinoita kuti zvive nyore kuwana zvikanganiso uye kugara uchizvizivisa. Pakunyora, inoshandisa maalgorithms emazuva ano uye anoremekedzwa akadai se Curve25519, ChaCha20, Poly1305, BLAKE2s uye kambani. Hapana runyorwa rusingaperi rwema ciphers ekare ayo hapana anofanira kushandiswa zvakare.
Uyezve, inoshanda chete pa UDP uye inogona kubatanidzwa muLinux kernelSaka kunonoka kwakaderera, mashandiro akanaka kwazvo, uye kushandiswa kweCPU hakuna kukosha. Izvi zvinonyanya kuoneka kana ukabatana kubva kuAndroid uchishandisa 4G/5G kana Wi-Fi yenguva dzose: kubatana kwakabatana kunokurumidza, uye network inogadziriswa netunnel inochinja zvakanaka.
Kugadzika kwacho kuri nyore kushandisa: mudziyo wega wega une makiyi everuzhinji/akavanzikaInopihwa kero yemukati yeVPN IP uye traffic inotumirwa kuburikidza nemugero inotsanangurwa nemutemo InobvumirwaIPsNeizvozvo, kana uine UDP port nemamwe marongero mana, unenge wava kushanda, pasina ma parameter akawanda akavanzika kana mafaira asingaperi.
Imwe mukana mukuru ndeyekuti WireGuard inoshanda pamhando dzakasiyana-siyana: pane Vatengi vepamutemo veAndroidInoshanda ne iOS, Windows, macOS, neLinux, uye inogona kushandawo pa routers, Docker containers, kana embedded devices. Pafoni, unogona kupinza faira re .conf kana kungoskena QR code yakagadzirwa paserver uye ndizvozvo
Zvinodiwa zvekutanga usati waisa sevha yako yeWireGuard
Usati wanama mirairo yekuti hapana mangwana, zvakanaka kuti utarise kuti wazadzisa zvinodiwa. Zvinodiwa zvishoma zveWireGuard server zvinowanikwa kubva kuAndroidIzvi zvichakununura pakurwadziwa nemusoro kwakawanda.
Nzira inonyanya kushandiswa ndeyekushandisa linux serverIzvi zvinogona kuva VPS yakavakirwa pa cloud (Ubuntu 22.04 isarudzo iri nyore kwazvo) kana muchina wepamba (Raspberry Pi, miniPC, NAS ine rutsigiro, nezvimwewo). Chero kugoverwa kwemazuva ano nerutsigiro rweWireGuard kuchashanda, asi Ubuntu/Debian inopa mamwe magwaro nemienzaniso.
Unoda mushandisi ane mvumo yekutonga (root kana mushandisi ane kodzero dzesudo) nekuti uchaisa mapakeji, kugadzirisa marongero enetwork, kugonesa IP forwarding, uye pamwe kugadzirisa mitemo yefirewall. Zvakakoshawo kuti uve neSSH access kune server uye uzive, zvirinani, maitiro ekubatanidza kubva kumuchina wako.
Kune divi remutengi, uchanyanya kushandisa yako Smartphone yeAndroid ine app yepamutemo yeWireGuardKunyange zvazvo chirongwa chimwe chete chekugadzirisa chichishanda paWindows, macOS, Linux, kana iOS. Faira rekugadzirisa harina kuchinja zvakanyanya pakati pemapuratifomu, saka zvaunodzidza pano zvichabatsira kune ese.
Muvengi mukuru: CGNAT uye kuti inokanganisa sei VPN yako yekumba
Chimwe chezvinhu zvinonyanya kukosha, kunyanya kana sevha iri kumba, kuziva kana mupi wako wepaindaneti achikuisa kumashure kwenetwork. CGNAT (NAT yeGiredhi reMutakuri)Pasi peCGNAT, unogovana kero yeIP yeruzhinji nevamwe vatengi uye Haugone kuvhura maports kune network yako yekumba.izvo zvinoita kuti kuve neVPN server pakombuta yako yepamba kuve kwakaoma zvikuru.
Kuzviziva kuri nyore: kutanga, nyora pasi Ruzhinji IP Kubva pawebhusaiti yakaita sekuti “whatismyip.” mubrowser yako. Wobva wapinda panel yekudzora yerouter yako (kazhinji pa192.168.1.1 kana 192.168.0.1) wobva watarisa muchikamu cheWAN kana Internet kuti uwane kero yeIP iyo router inofunga kuti inayo. Kana kero iyoyo yeIP ichitanga ne 10.xxx kana kuti iri pakati pe100.64.0.0 – 100.127.255.255 Uye kana zvisingaenderane neruzivo rwuri pamawebhusaiti, uri pasi peCGNAT. Imwe sarudzo yakananga ndeyekufonera mushandi wepaindaneti wobvunza.
NeCGNAT, router yako haigamuchire kero yeIP yeruzhinji yakananga, saka Haugone kuita classic port forwardingMamwe makambani anokubvumidza kuti usarudze kubva muCGNAT nekubhadhara mari yakawedzerwa kana kutanga imwe sarudzo, mamwe anoda kuti uchinje hurongwa hwako, uye dzimwe nguva mitengo inokwira zvakanyanya. Kana usingade kupfuura nezvose izvozvo, mhinduro yakangwara ndeyekushandura kuenda kune... VPS sebhirijiSevha yako yekumba inogadzira mugero weWireGuard kuenda kuVPS, uye unobatanidza neVPS kubva kuAndroid kuti usvike kuLAN yako yekumba.
Kugadzirira sevha yeLinux: Kugadzirisa nekuisa WireGuard
Pane sevha ine Ubuntu 22.04 (kana yakafanana), chinhu chekutanga kuita ndeche gadziridza mapakeji kudzivirira kutakura pamusoro pezvisina kunaka kana shanduro dzekare:
apt update && apt upgrade -y
Wobva waisa WireGuard kubva kunzvimbo dzepamutemo uchishandisa:
apt install -y wireguard
Pakeji iyi inosanganisira maturusi wg uye wg-nekukurumidza uye kurodha kernel module inodiwa. Kana uchida kumanikidza kurodha nemaoko munzvimbo isingawanzoitiki, unogona kushandisa:
modprobe wireguard
Kugadzira makiyi uye chimiro chekugadzirisa sevha
Chinhu chikuru cheWireGuard isystem ye makiyi everuzhinji neakavanzikaKazhinji, basa rinoitwa mudhairekitori yakajairika. /etc/wireguard/kwauchachengeta makiyi nemafaira ekugadzirisa.
Chinja kune iro dhairekitori uye omesa mvumo yekutanga usati wagadzira chero chinhu:
cd /etc/wireguard/
umask 077
Izvi zvinovimbisa kuti mafaira matsva anogona kusaverengeka nevamwe vashandisiIzvi zvakakosha pakugadzira makiyi epachivande. Gadzira makiyi eseva, semuenzaniso:
wg genkey > privatekey
wg pubkey < privatekey > publickey
La private key Inofanira kugara iri paserver uye isingamboibvi; kiyi yeruzhinji Ehe, unogona kuzvigovana nevatengi. Zvakare, dzivisa maapplication evamwe anogona kukanganisa zvakavanzika; ongorora zvinyorwa pa [musoro wenyaya uripo]. mapurogiramu eVPN asina kuchengetedzeka Kana uine kusava nechokwadi nezvevatengi.
chmod 600 privatekey
Kana uchida kuona makiyi ari pachiratidziro kuti uvakope gare gare, unogona kushandisa:
tail privatekey publickey
Gadzira uye gadzirisa faira re wg0.conf reseva
WireGuard inoronga matune ayo mu nzvimbo dzepamhepo Mafoni anoshandiswa netsika wg0, wg1, nezvimwewo. Chimiro chega chega chine faira rayo rekugadzirisa mu /etc/wireguard/Tichagadzira wg0.conf senzvimbo huru yekushandisa.
Kana uchida Nano uye usina kuiisa, unogona kuiwedzera ne:
apt install -y nano
Vhura iyo configuration file:
nano /etc/wireguard/wg0.conf
Usati wanyora chero chinhu, nyora zita re network interface inobatanidza ne internet (iyo ine public IP address kana IP address yaunoshandisa kubatanidza kuburikidza neSSH). Unogona kuwana izvi uchishandisa:
ip a
MumaVPS mazhinji inonzi eth0, en3, enp0s3 kana chimwe chinhu chakafanana neicho. Uchachida pamitemo yeNAT. Muenzaniso weblock yakazara ungave:
Address = 10.30.0.1/24
PrivateKey = <clave_privada_servidor>
ListenPort = 51820
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Apa uri kupa sevha kero ye IP 10.30.0.1 mukati meVPN network, unoiudza kuti iteerere paUDP port 51820, uye unotsanangura mitemo ye iptables inoshanda kana wg0 interface yabuda (PostUp) uye dzinobviswa paunodonha pasi (Mushure meKudzikiraChenjerera paunenge uchitsiva eth0 nezita chairo reinterface yako yekubuda.
MuNano, unochengetedza ne Ctrl + O uye unovhara ne Ctrl + XIyi wg0.conf ndiyo ichava musimboti wauchawedzera vatengi vakasiyana (vezera rako).
Bvumira kutumirwa kweIP uye tanga sevhisi yeWireGuard
Kuti vatengi vako vakwanise kushandisa internet kana LAN iri kuseri kweVPN server, system yacho inofanira kubvumidza Kutumira mapaketi eIPv4 neIPv6Izvi zvinodzorwa ne sysctl.
Nzira yekukurumidza ndeyekuwedzera mitsara inoenderana nayo /etc/sysctl.conf kana kufaira riri mu /etc/sysctl.d/ uye kuchajazve:
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.conf
sysctl -p
Kana mitsara iyoyo yatovepo asi yakataurwa (ne #), zvakakwana kuti bvisa #chengetedza wobva watangazve sysctl -pPasina danho iri, mugwagwa uchavhurwa asi ucharasikirwa neLAN kana Internet kubva kune vatengi.
Iye zvino unogona kusimudza WireGuard nerubatsiro rwe wg-kukurumidza uye systemd:
systemctl start wg-quick@wg0
Kuti itange otomatiki nehurongwa:
systemctl enable wg-quick@wg0
Tarisa kuti zvese zvakasvibirira uchishandisa:
systemctl status wg-quick@wg0
Uye kuti uone ruzivo rwechokwadi rwe interface, makiyi, peers, uye traffic, shandisa:
wg
Wedzera vatengi: PC, Android mobile nezvimwe zvishandiso
Chishandiso chimwe nechimwe chinobatanidza neVPN yako chinotsanangurwa se kutarisa nekiyi yavo ne IP yemugeroUnogona kugadzira makiyi paseva pachayo (zviri nyore) kana pamutengi wega wega (akachengeteka, nekuti kiyi yakavanzika haimbobvi mairi).
Kune komputa yedesktop unogona kuita, semuenzaniso, mu /etc/wireguard/:
wg genkey > mypc_privatekey
wg pubkey < mypc_privatekey > mypc_publickey
Uye kune yako Android mobile:
wg genkey > myphone_privatekey
wg pubkey < myphone_privatekey > myphone_publickey
Tarisa mafaira ne:
ls
Uye inoratidza makiyi eruzhinji:
tail mypc_publickey myphone_publickey
Makiyi iwayo eruzhinji ndiwo auchapinda maari wg0.conf mukati memabhuroko Vhura faira reseva zvakare:
nano /etc/wireguard/wg0.conf
Uye anowedzera, semuenzaniso:
PublicKey = <clave_publica_mypc>
AllowedIPs = 10.30.0.2/32
Ruzivo rweVanhu =
InobvumirwaIPs = 10.30.0.3/32
Nekuita izvi uri kuchengetedza kero ye IP 10.30.0.2 yePC and the 10.30.0.3 yefoni yeAndroidIyo /32 inoratidza kuti ikero yeIP yega yega. Imwe neimwe inoshandisa kero yayo yeIP yakasiyana mukati meVPN subnet.
Sevha uye rodha pasi sevhisi kuti ushandise shanduko:
systemctl restart wg-quick@wg0
Gadzira mafaira ekugadzirisa vatengi
Iye zvino inguva yekugadzirira mafaira e .conf achashandiswa nevatengiZvinosanganisira kiyi yako yakavanzika, IP yemukati, DNS uye data reseva (kiyi yeruzhinji, IP/Domain uye port).
Pakombiyuta unogona kugadzira mypc.conf mu /etc/wireguard/ (kana chero kwaunoda):
nano mypc.conf
Rudzi rwezviri mukati:
PrivateKey = <clave_privada_mypc>
Address = 10.30.0.2/24
DNS = 1.1.1.1
Ruzivo rweVanhu =
Pokugumira = :51820
InobvumirwaIPs = 0.0.0.0/0
PersistentKeepalive = 20
Mubhokisi rekutanga, unotsanangura "chiso" chemutengi weko: kiyi yake yakavanzika, kero yake yeVPN IP, uye DNS yaachashandisa. Mubhokisi rechipiri, unotsanangura sevha: kiyi yayo yeruzhinji, kero, uye chiteshi. Mutsetse InobvumirwaIPs = 0.0.0.0/0 inogadzira Vanhu vese vanofamba nevatengi vavo vanopfuura nemuVPN (tunnel yakazara). Kana uchida chete kupinda muLAN yako iri kure, unogona kuiganhurira ku10.30.0.0/24 uye/kana 192.168.x.0/24, zvichienderana nenetwork yako.
PersistentKeepalive Masekondi makumi maviri nemashanu ega ega anokurudzirwa zvikuru kune vatengi vari kuseri kweNAT kana ma network enharembozha, sezvo zvichidzivirira mugero kuti usaite seusingashande uye firewall kuti isavhare chikamu.
Kugadziriswa kwemutengi weAndroid
Pa Android, maitiro acho akafanana. Foni inoda kiyi yakavanzika, IP yako yemugero uye data reseva. Unogona kushandisazve makiyi awakagadzira paseva kana kuagadzira zvakananga muapp.
Uchitevera muenzaniso, wakagadzira myphone_privatekey uye myphone_publickeyUri kushayikwa faira re myphone.conf refoni yako:
nano myphone.conf
Chimwe chinhu chakadai:
PrivateKey = <clave_privada_myphone>
Address = 10.30.0.3/24
DNS = 1.1.1.1
Ruzivo rweVanhu =
Pokugumira = :51820
InobvumirwaIPs = 0.0.0.0/0
PersistentKeepalive = 20
Chikamu chinonetsa apa ndechekuti Maitiro ekutumira faira iroro zvakachengeteka kufoni mbozhaMunzvimbo yekurabhoritari, unogona kuiisa pawebhu server woidhawunirodha, asi mukugadzirwa kwayo, zvakanaka kudzivirira kuitumira neemail kana kuichengeta pamasevhisi asina kunyorwa.
Nzira yakachena inowanzo shandiswa qrencode kugadzira QR code iyo WireGuard app pa Android inogona kuskena:
apt install -y qrencode
qrencode -t ansiutf8 -r myphone.conf
Uchaona kodhi yeQR yakanyorwa nemavara eASCII paterminal. Pafoni yako, vhura WireGuard app, wobva wasarudza “Skena kubva paQR code"(Scan kubva paQR code) wonongedzera pascreen. Nenzira iyi haufanirwe kugovera faira re .conf kuburikidza nenzira dzisina chokwadi."
Kupinda muLAN yekumba, DNS, uye mazita emunharaunda
Kunze kwekuvaka mugero, chii chinonakidza nezve VPN neWireGuard paAndroid kuti pave nekubatana kwakachengeteka kumba Zvinoreva kukwanisa kushandisa zvishandiso zvako zvese zvepamba sekunge uripo: NAS, makamera eIP, ma router, maseva e media, nezvimwewo, zvakanaka kushandisa mazita emadhomini emunharaunda pachinzvimbo chema IP.
Ma router mazhinji anobatanidza sevha yeWireGuard kana DNS yemukati ane chikamu chakaita se NETWORK → DNS → Edit Hosts kwaunogona kugadzira zvinyorwa zvakaita se 192.168.1.50 nas-casa.localKana ukanongedzera DNS yemaVPN clients ako kurouter kana server inogadzirisa mazita aya, uchakwanisa kuwana midziyo yako uchishandisa hostname.
Mamwe ma firmware e router ane WireGuard ane mabhokisi ekutarisa akadai se "Bvumira Kupinda Kure kuLAN""Remote Access LAN Subnet" kana zvakafanana. Unofanira kuigonesa kuitira kuti vatengi vari kure vagone kusvika network yemuno (192.168.xx) kunze kwerouter pachayo.
Muzviitiko apo sevha yeWireGuard inoshanda yakabatanidzwa mu router, inowanzo bvumidza tuma profiles dze .conf dzakagadzirwa kare yemidziyo yemafoni kana mamwe ma router evatengi. Ma profiles aya anowanzo sanganisira tunnel IP, DNS chaiyo (kazhinji IP ye router pachayo paVPN network), uye AllowedIPs dzakagadziriswa zvakanaka.
Kuongorora, kugadzirisa matambudziko, uye kuchengetedzeka
Kana magadzirirwo acho apinzwa mu Android uye mugero wacho wavhurwa, chinhu chekutanga chekuita ndechekutarisa kuti Kubatana maoko kunoitika nemazvo.Iyo WireGuard app pachayo inoratidza mamiriro, mabheti akatumirwa/akagamuchirwa, uye nguva yekupedzisira yekukwazisana.
Paseva, mhanya:
wg
Ipapo uchaona, kune mumwe nemumwe wezera rako, kiyi yake yeruzhinji, kero ye IP iri kure yainobatanidza nayo, kukwazisana kwekupedzisira, uye kuchinjana kwetraffic. Kana munda we "Kukwazisana Kwekupedzisira" usina chinhu kana kuti wekare kwazvo, mutengi haasi kubatanidza kana kuti pane chiri kuivharira.
Kana pasina kubatana, tarisa kuti Chiteshi cheUDP (51820 kana chero chaunoshandisa) chakavhurika pafirewall yeseva (UFW, iptables, nftables) uye pane chero ma routers ari pakati nepakati. Kana sevha iri kuseri kwe router yekumba, gadzirisa iyo Kutumira chiteshi cheUDP kubva pachiteshi ichocho kuenda kukero yemukati ye IP yesevaDambudziko iri rinogona kukanganisa maapplication chaiwo; ona gwara redu pa Zvekuita kana maapplication akakundikana kana VPN yakabatidzwa.
Kana mugero ukavhurika asi usina internet yefoni, tarisa kuti pakiti iri kutumirwa sei (net.ipv4.ip_forward uye sarudzo net.ipv6.conf.kutumira zvese) iri kushanda uye kuti mitemo yeNAT inonongedzera kune interface chaiyo inobuda (eth0, ens3, nezvimwewo).
Matambudziko eDNS anowanzoonekwa kana uchikwanisa kuisa ping pane imwe kero yeIP (semuenzaniso, 1.1.1.1) asi usingakwanise kugadzirisa madomain. Kana zvakadaro, tarisa mutsetse DNS = Mufaira re .conf remutengi: unogona kushandisa DNS yeruzhinji (8.8.8.8, 1.1.1.1) kana kero ye IP yemugero weseva kana ichishanda senzira yekugadzirisa data remukati.
Panyaya yekuchengetedza, kunze kweWireGuard's cryptography, kune akati wandei tsika dzakanaka dzinokosha:
- Chengetedza makiyi ako epachivandeUsazvikope kumawebhusaiti asina kuchengetedzeka kana kuzvigovana nemunhu.
- Zvinorambidzwa maIP anotenderwa pamunhu mumwe nemumwe: inopa mutengi wega wega mukana wekuwana network yaanoda chete, hapana rusununguko rwemahara.
- Shandisa maports eUDP asiri ekutamba nawoKutsiva 51820 nemutengo wakakwira kunoderedza ruzha runobva mukuskena otomatiki.
- Chengetedza system yako neWireGuard zvichiripo: zvigamba zuva nezuva.
- Inosefa nzira yekupinda paWireGuard port mufirewall kuti muganhurire kuti ndiani anogona kuedza kubatanidza (ne IP yenzvimbo kana zvichinzwisisika).
Kana uine CGNAT kana uchida chimwe chinhu chiri nani: pinda kuburikidza neVPS
Kana mushandi wako akakuisa pasi peCGNAT kana kuti uchingoda kupatsanura nzvimbo inowanikwa neveruzhinji mumba mako, unogona kugadzira mhinduro yakatonyanya kujeka asi ine simba: Shandisa VPS senzvimbo huru uye sevha yako yekumba semutengi.Wobva wabatana neVPS kubva kuAndroid uye, kuburikidza nayo, unowana LAN yako.
Chirongwa chikuru ndeichi: mugore unoisa a "Seva" yeWireGuard (semuenzaniso neDocker uye stack yakaita se linuxserver/wireguard kana repository yakagadzirwa kare), unogonesa kutumira neNAT, uye kumba une Raspberry Pi kana PC inogara yakabatidzwa iyo inobatanidza neVPS iyoyo semunhu anoshanda naye. VPS ine IP yeruzhinji uye haina kukanganiswa neCGNAT, saka unogona kuvhura maports ipapo pasina dambudziko.
Kufamba kwakajairika neDocker kungave:
- PaVPS unoisa Docker neDocker Compose, unoisa WireGuard configuration repository uye Unosimudza mudziyo ne `docker-compose up -d`.
- Mudziyo uyu unogadzira otomatiki makiyi eseva neaya evamwe vezera rako (peer1, peer2…), vachichengetedza mafaira avo e.conf muforodha rekugadzirisa.
- Unogadzirisa faira reseva kuti risanganisire rako home subnet (semuenzaniso 192.168.1.0/24) muAllowedIPs ye peer ichashandiswa neRaspberry yako, uye kugadzirisa iptables kana mitemo yakafanana pahost kuti ifambise traffic pakati peVPN ne network yako yekumba.
- PaRaspberry Pi, gadzirai repository imwecheteyo (kana yakagadzirwa), gadzirai faira re wg0.conf rine data rakagadzirwa ne peer1, vhurai NAT yemuno (kuti mukwanise kutumira traffic kuLAN), uye tangai WireGuard client muDocker kana natively.
Kubva ipapo, chero chimwe chishandiso (kusanganisira chako) Android neWireGuard appUnogona kushandisa imwe yemamwe maVPS (peer2, peer3…) kuti ubatanidze. Muchokwadi, unogara uchibatanidza nekero yeIP yeVPS, asi unozopedzisira wasvika kumasevhisi enetwork yako yekumba, kunyangwe kuburikidza neCGNAT.
WireGuard ine mapaneru ewebhu: WireGuard Easy, EasyPanel uye kambani
Kana zvese izvi zvichinzwika sekunge console yakawandisa kwauri, kune mhinduro dziri nyore kwazvo dzinoisa a Panera rewebhu rekutarisira WireGuard nekudzvanya kamwe cheteSemuenzaniso, paseva ine EasyPanel unogona kuisa app yakaita se WireGuard iri nyore kuburikidza netemplate wobva wakanganwa nezvekunyora mafaira nemaoko.
Mafambiro ebasa nemapaneru aya anowanzo kuve:
- Unopinda mupaneru (EasyPanel kana imwe) nemushandisi wako.
- Iwe unoisa template WireGuard iri nyore, ichitsanangura ma parameter akadai se domain/public IP (WG_HOST), UDP port, VPN subnet uye DNS.
- Sisitimu iyi inotanga mudziyo unoburitsa webhusaiti yakachengetedzwa nepassword kwaunoona runyorwa rwevezera, nhamba, uye sarudzo dzekugadzirisa.
- Kuti uwedzere mutengi, unongozadza fomu rine zita rake; panel inogadzira makiyi, inomupa kero ye IP, uye inoratidza Kodhi yeQR yakagadzirira kuskenwa neAndroid, pamusoro pekukubvumidza kudhawunirodha faira re .conf.
Izvi zviri nyore zvikuru munzvimbo dzine vanhu vakawanda vari kushandisa VPN (mhuri, timu yebasa, nezvimwewo), nekuti unogona Shandisa kana kudzima mukana wekupinda mumasekondi mashoma pasina kutsanangura chero chinhu chehunyanzvi. Uyezve, kana ukaisa WireGuard Easy paVPS, unoisa mukana wese wekuwana network yako yekumba nedzimwe nzvimbo pamwe chete.
WireGuard pane mamwe masisitimu: Windows, macOS, Linux, iOS
Kunyangwe tichinyanya kutarisa paAndroid pano, WireGuard inoshanda zvakanaka zvakafanana ne desktops nedzimwe nharembozhaSemuenzaniso, muWindows, unodhawunirodha mutengi wepamutemo, woisa, wobva wadzvanya "Wedzera Mugero", unosarudza "Wedzera mugero usina chinhu" kana "Import kubva kufaira", uye purogiramu yacho pachayo inogona kugadzira key pair yako.
Magadzirirwo emuchina akafanana: vhara ne PrivateKey, Kero uye DNS, uye vhara ne PublicKey yeseva, Endpoint uye AllowedIPsKana wangochengetedza, ingodzvanya "Activate" kuti utange interface uye utange kufamba kwetraffic.
Pa iOS maitiro acho akafanana zvikuru neaAndroid: unoisa WireGuard app kubva kuApp Store, wogadzira mugero mutsva, uye unogona Tumira faira re .conf kana kuti skena kodhi yeQR yawakagadzira neqrencode kana kubva pane imwe nzvimbo yakaita seWireGuard Easy. Wobva wavhura mugero neswitch uye watova mukati me network yako yekumba.
Pa desktop Linux unogona kushandisa chishandiso chemurairo pachawo (wg-kukurumidza wg0kana kuibatanidza neNetworkManager nekupinza faira re.conf kubva pa graphical interface. Kunewo official macOS client ine ruzivo rwakafanana neWindows version.
Pakupedzisira, ita protocol imwechete uye configuration scheme pamapuratifomu ese Zvinoita kuti hupenyu huve nyore: unotevedzera pfungwa kubva kune mumwe mutengi kuenda kune mumwe nekuchinja makiyi ne IP yemugero chete.
Nemusanganiswa uyu—seva yeLinux kana Docker yakagadzirwa zvakanaka, rutsigiro rweVPS runogoneka kana uine CGNAT, mapaneru ewebhu ekurerutsa manejimendi, uye WireGuard app paAndroid—unogona kuseta VPN yepamba yakasimba, inokurumidza, uye yakachengeteka izvo zvinokutendera kuti uwane network yako yekumba, mafaira ako nemasevhisi, uye utarise zvakachengeteka paWiFi yeruzhinji pasina kuvimba nevechitatu kana mhinduro dzebhizinesi dzisinganyatsooneki. Goverana ruzivo urwu kuitira kuti vamwe vazive nezvechinhu chitsva ichi.