{"id":8187,"date":"2022-01-18T13:07:12","date_gmt":"2022-01-18T05:07:12","guid":{"rendered":"https:\/\/blog.pfchina.org\/?p=8187"},"modified":"2024-03-08T10:38:05","modified_gmt":"2024-03-08T02:38:05","slug":"opnsense%e8%ae%be%e7%bd%aewireguard%e6%95%99%e7%a8%8b","status":"publish","type":"post","link":"https:\/\/blog.pfchina.org\/?p=8187","title":{"rendered":"OPNsense\u8bbe\u7f6eWireGuard\u6559\u7a0b"},"content":{"rendered":"<p>WireGuard \u662f\u4e00\u79cd\u7b80\u5355\u5feb\u901f\u7684VPN\u534f\u8bae\uff0c\u91c7\u7528\u73b0\u4ee3\u52a0\u5bc6\u6280\u672f\uff0c\u6bd4 IPsec\u3001OpenVPN\u66f4\u5feb\u3001\u66f4\u7b80\u5355\u3002\u5b83\u8fd8\u6709\u4e00\u4e2a\u66f4\u5c0f\u7684\u4ee3\u7801\u5e93\uff0c\u8fd9\u4f7f\u5f97\u5ba1\u8ba1\u548c\u7ef4\u62a4\u66f4\u5bb9\u6613\u3002\u867d\u7136\u6700\u521d\u662f\u4e3a Linux \u5185\u6838\u8bbe\u8ba1\u7684\uff0c\u4f46\u73b0\u5728\u5df2\u7ecf\u53ef\u4ee5\u8de8\u5e73\u53f0\u4f7f\u7528\u3002<\/p>\n<p>\u672c\u6559\u7a0b\u4ecb\u7ecd\u5728OPNsense\u4e0a\u5b89\u88c5WireGuard \u670d\u52a1\u5668\uff0c\u914d\u7f6e\u4e00\u4e2a\u6216\u591a\u4e2a\u5ba2\u6237\u7aef\u6765\u8fdb\u884c\u8fdc\u7a0b\u8fde\u63a5\u3002\u4f7f\u7528\u7684\u8f6f\u4ef6\u4e3aOPNsense 21.7.3\uff0c\u5ba2\u6237\u7aef\u4e3a\u8fd0\u884cWindows\u7684\u8ba1\u7b97\u673a\u548cAndroid\u79fb\u52a8\u8bbe\u5907\u3002\u5ba2\u6237\u7aef\u7684\u6d41\u91cf\u5c06\u901a\u8fc7 Ubuntu 20.04 \u670d\u52a1\u5668\u8fdb\u884c\u8def\u7531\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-1-WireGuardP2PVPNTopologyOPNsenseWireGuardServerandAndroid-WindowsClients-58f0fde9b5984a55e523fa5546accac1.png\"><img loading=\"lazy\" decoding=\"async\" title=\"WireGuard P2P VPN \u62d3\u6251\uff08OPNsense WireGuard \u670d\u52a1\u5668\u548c Android\/Windows \u5ba2\u6237\u7aef\uff09\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-1-WireGuardP2PVPNTopologyOPNsenseWireGuardServerandAndroid-WindowsClients-58f0fde9b5984a55e523fa5546accac1.png\" alt=\"WireGuard P2P VPN \u62d3\u6251\uff08OPNsense WireGuard \u670d\u52a1\u5668\u548c Android\/Windows \u5ba2\u6237\u7aef\uff09\" width=\"1640\" height=\"908\" \/><\/a><\/p>\n<p>\u56fe 1.\u00a0WireGuard P2P VPN\u7f51\u7edc\u62d3\u6251<\/p>\n<div>\n<div>\u914d\u7f6eWireGuard VPN \u670d\u52a1\u5668<\/div>\n<\/div>\n<p>OPNsense WireGuard \u914d\u7f6e\u6309\u7167\u4ee5\u4e0b\u4e94\u4e2a\u4e3b\u8981\u6b65\u9aa4\u5c55\u5f00\uff1a<\/p>\n<ul>\n<li>\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u4e0b\u8f7d\u5e76\u5b89\u88c5 WireGuard<\/li>\n<li>\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u751f\u6210\u52a0\u5bc6\u5bc6\u94a5\u5bf9\uff08\u516c\u94a5\u548c\u79c1\u94a5\uff09<\/li>\n<li>\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u4e0a\u914d\u7f6e WireGuard \u96a7\u9053\u63a5\u53e3<\/li>\n<li>OPNsense WireGuard VPN \u670d\u52a1\u5668\u4e0a\u914d\u7f6e\u9632\u706b\u5899\u89c4\u5219<\/li>\n<li>\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u4e0a\u542f\u7528 WireGuard \u96a7\u9053\u63a5\u53e3<\/li>\n<\/ul>\n<h2 id=\"1-installation-of-the-wireguard-plugin-on-opnsense\">1.OPNsense\u5b89\u88c5WireGuard<\/h2>\n<ul>\n<li>\u5bfc\u822a\u5230System-&gt;\u00a0Firmware-&gt;\u00a0Plugins\u3002<\/li>\n<li>\u5728\u641c\u7d22\u5b57\u6bb5\u4e2d\u8f93\u5165os-wireguard\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-2-WireGuardplugininstallationonOPNsense-baa04ac205ff95ab77095697e37b3a74.png\"><img loading=\"lazy\" decoding=\"async\" title=\"OPNsense \u4e0a\u7684 WireGuard \u63d2\u4ef6\u5b89\u88c5\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-2-WireGuardplugininstallationonOPNsense-baa04ac205ff95ab77095697e37b3a74.png\" alt=\"OPNsense \u4e0a\u7684 WireGuard \u63d2\u4ef6\u5b89\u88c5\" width=\"1904\" height=\"578\" \/><\/a><\/p>\n<p>\u56fe 2.\u00a0OPNsense \u4e0a\u7684 WireGuard \u63d2\u4ef6\u5b89\u88c5<\/p>\n<ul>\n<li>\u5728os-wireguard\u63d2\u4ef6\u7684\u53f3\u4fa7\uff0c\u5355\u51fb \u56fe\u6807\u8fdb\u884c\u5b89\u88c5\u3002<\/li>\n<li>\u5b89\u88c5\u5b8c\u6210\u540e\uff0c\u5237\u65b0\u9875\u9762\uff0c\u901a\u8fc7VPN-&gt;WireGuard\u83dc\u5355\u8bbf\u95eeWireGuard\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11235.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11235.png\" alt=\"\" width=\"1561\" height=\"274\" \/><\/a><\/p>\n<p>\u56fe 3.\u00a0OPNsense\u5b89\u88c5\u63d2\u4ef6os-wireguard<\/p>\n<h2 id=\"2-wireguard-vpn-serverlocal-configuration-on-opnsense\">2.OPNsense WireGuard\u914d\u7f6e<\/h2>\n<ul>\n<li>\u5bfc\u822a\u5230VPN-&gt;\u00a0WireGuard-&gt; \u3002General<\/li>\n<li>\u5355\u51fb\u590d\u9009\u6846\u542f\u7528 WireGuard\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-4-EnablingWireGuardServeronOPNsense-945d0196137bd703d5026e9e1c815449.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u542f\u7528 WireGuard \u670d\u52a1\u5668\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-4-EnablingWireGuardServeronOPNsense-945d0196137bd703d5026e9e1c815449.png\" alt=\"\u5728 OPNsense \u4e0a\u542f\u7528 WireGuard \u670d\u52a1\u5668\" width=\"1905\" height=\"565\" \/><\/a><\/p>\n<p>\u56fe 4.\u00a0\u5728 OPNsense \u4e0a\u542f\u7528 WireGuard \u670d\u52a1\u5668<\/p>\n<ul>\n<li>\u5bfc\u822a\u5230Local\u9009\u9879\u5361\uff0c\u7136\u540e\u5355\u51fb\u53f3\u4fa7\u7684 \u56fe\u6807\uff0c\u6dfb\u52a0\u65b0\u7684\u672c\u5730\u914d\u7f6e\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-5-AddingLocalWireGuardconfigurationonOPNsense-c33e8949eaf0bd1ff664b10bd51f4b6a.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u6dfb\u52a0\u672c\u5730 WireGuard \u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-5-AddingLocalWireGuardconfigurationonOPNsense-c33e8949eaf0bd1ff664b10bd51f4b6a.png\" alt=\"\u5728 OPNsense \u4e0a\u6dfb\u52a0\u672c\u5730 WireGuard \u914d\u7f6e\" width=\"1898\" height=\"683\" \/><\/a><\/p>\n<p>\u56fe 5.\u00a0\u5728 OPNsense \u4e0a\u6dfb\u52a0\u672c\u5730 WireGuard \u914d\u7f6e<\/p>\n<ul>\n<li>\u9009\u4e2d\u542f\u7528\u672c\u5730\u914d\u7f6e\u3002<\/li>\n<li>\u8bbe\u7f6eWireGuard VPN \u670d\u52a1\u5668\u7684\u540d\u79f0\uff0c\u4f8b\u5982MyWireGuard.<\/li>\n<li>\u5c06\u76d1\u542c\u7aef\u53e3\u8bbe\u7f6e\u4e3a51820 \u6216\u66f4\u9ad8\u7f16\u53f7\u7684\u552f\u4e00\u7aef\u53e3\u3002<\/li>\n<li>\u8bbe\u7f6e\u96a7\u9053\u5730\u5740\uff0c\u4f8b\u598210.0.0.1\/24<\/li>\n<\/ul>\n<div>\n<div>\n<p>\u96a7\u9053\u5730\u5740\u662f\u4f60\u4f7f\u7528\u7684\u7f51\u7edc\u7684\u552f\u4e00 IP\u5730\u5740\u548c\u5b50\u7f51\u3002\u5b50\u7f51\u5e94\u8be5\u8db3\u591f\u5927\u4ee5\u4fbf\u5bb9\u7eb3\u5c06\u4f7f\u7528\u96a7\u9053\u7684\u6240\u6709\u5ba2\u6237\u7aef\u3002\u5b83\u5e94\u8be5\u662f\u79c1\u6709 (RFC1918) \u5730\u5740\uff0c\u4f8b\u5982 10.0.0.1\/24\u3002<\/p>\n<\/div>\n<\/div>\n<ul>\n<li>\u5176\u4ed6\u9009\u9879\u4fdd\u7559\u4e3a\u9ed8\u8ba4\u503c\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-6-SettinglocalWireGuardVPNserverconfigurationonOPNsense-ed5b61c05d4367e23da1abbeee56bdcc.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u8bbe\u7f6e\u672c\u5730 WireGuard VPN \u670d\u52a1\u5668\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-6-SettinglocalWireGuardVPNserverconfigurationonOPNsense-ed5b61c05d4367e23da1abbeee56bdcc.png\" alt=\"\u5728 OPNsense \u4e0a\u8bbe\u7f6e\u672c\u5730 WireGuard VPN \u670d\u52a1\u5668\u914d\u7f6e\" width=\"894\" height=\"908\" \/><\/a><\/p>\n<p>\u56fe 6.\u00a0\u5728 OPNsense \u4e0a\u8bbe\u7f6e\u672c\u5730 WireGuard VPN \u670d\u52a1\u5668\u914d\u7f6e<\/p>\n<ul>\n<li>\u5355\u51fb\u5e95\u90e8\u7684\u4fdd\u5b58\u6309\u94ae\u3002\u4f1a\u81ea\u52a8\u4e3aWireGuard VPN\u670d\u52a1\u5668\u751f\u6210\u516c\u94a5\u548c\u79c1\u94a5\u5bf9\u3002<\/li>\n<\/ul>\n<div>\n<div>\n<p>WireGuard \u7684\u4e3b\u8981\u4f18\u52bf\u4e4b\u4e00\u662f\u5b83\u57fa\u4e8e\u5c16\u7aef\u7684\u52a0\u5bc6\u6280\u672f\u3002\u5b83\u901a\u8fc7\u4f7f\u7528\u4e00\u5bf9\u52a0\u5bc6\u5bc6\u94a5\u5bf9\u8fde\u63a5\u8fdb\u884c\u52a0\u5bc6\uff0c\u63d0\u4f9b\u5b89\u5168\u7684VPN\u96a7\u9053\u3002\u4e3a\u4e86\u786e\u4fdd\u53cc\u5411\u5b89\u5168\u901a\u4fe1\uff0c\u6bcf\u4e2a\u5bf9\u7b49\u70b9\u90fd\u5fc5\u987b\u62e5\u6709\u81ea\u5df1\u7684\u79c1\u94a5\u548c\u516c\u94a5\u3002\u6bcf\u4e2a\u670d\u52a1\u5668\u548c\u5ba2\u6237\u7aef\u5fc5\u987b\u751f\u6210\u81ea\u5df1\u7684\u5bc6\u94a5\u5bf9\uff0c\u7136\u540e\u4ea4\u6362\u516c\u94a5\u624d\u80fd\u4f7f\u7528 WireGuard\u3002<\/p>\n<\/div>\n<\/div>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-7-EditinglocalWireGuardVPNserverconfigurationonOPNsense-d98e5121f3941fa343d44f43bf558b60.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u7f16\u8f91\u672c\u5730 WireGuard VPN \u670d\u52a1\u5668\u914d\u7f6e \" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-7-EditinglocalWireGuardVPNserverconfigurationonOPNsense-d98e5121f3941fa343d44f43bf558b60.png\" alt=\"\u5728 OPNsense \u4e0a\u7f16\u8f91\u672c\u5730 WireGuard VPN \u670d\u52a1\u5668\u914d\u7f6e \" width=\"1899\" height=\"629\" \/><\/a><\/p>\n<p>\u56fe 7.\u00a0\u5728 OPNsense \u4e0a\u7f16\u8f91\u672c\u5730 WireGuard VPN \u670d\u52a1\u5668\u914d\u7f6e<\/p>\n<ul>\n<li>\u5355\u51fbpencil\u56fe\u6807\u53ef\u7f16\u8f91\/\u67e5\u770bMyWireGuardVPN \u672c\u5730\u914d\u7f6e\u3002<\/li>\n<li>\u8fd9\u91cc\u7684Public Key\u7a0d\u540e\u7528\u4e8e\u914d\u7f6e\u5728WireGuard VPN \u5ba2\u6237\u7aef\u4e0a\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-8-ViewingthePublicKeyoftheWireGuardVPNserver-fecf7854a52193e5f020ecf43527d0f3.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u67e5\u770b WireGuard VPN \u670d\u52a1\u5668\u7684\u201c\u516c\u94a5\u201d\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-8-ViewingthePublicKeyoftheWireGuardVPNserver-fecf7854a52193e5f020ecf43527d0f3.png\" alt=\"\u67e5\u770b WireGuard VPN \u670d\u52a1\u5668\u7684\u201c\u516c\u94a5\u201d\" width=\"1116\" height=\"501\" \/><\/a><\/p>\n<p>\u56fe 8.\u00a0\u67e5\u770bPublic KeyWireGuard VPN \u670d\u52a1\u5668<\/p>\n<ul>\n<li>\u5173\u95edEdit Local Configuration\u7a97\u53e3\u3002<\/li>\n<\/ul>\n<p>\u73b0\u5728\uff0cWireGuard\u670d\u52a1\u5668\u53ef\u4ee5\u63a5\u53d7\u6765\u81ea\u7aef\u53e351820\u7684\u8fde\u63a5\uff0c\u5e76\u5141\u8bb8\u5ba2\u6237\u7aef\u81ea\u52a8\u751f\u6210\u4e0e\u79c1\u94a5\u5bf9\u5e94\u7684\u516c\u94a5\u3002<\/p>\n<h2 id=\"3-wireguard-vpn-client-setup-on-windows\">3.Windows\u5ba2\u6237\u7aef\u914d\u7f6e<\/h2>\n<p>WireGuard for Windows \u652f\u6301 Windows 7\u30018\u30018.1\u300110\u30012012\u30012016 \u548c 2019\uff0c\u5e76\u63d0\u4f9b\u4e86 64 \u4f4d\u548c 32 \u4f4d\u7248\u672c\u3002\uff1a<\/p>\n<h4 id=\"31-download-and-install-windows-wireguard-client\">3.1\u5b89\u88c5 Windows WireGuard\u5ba2\u6237\u7aef<\/h4>\n<p>\u4eceWireGuard \u7f51\u7ad9\u4e0b\u8f7d\u5e76\u5b89\u88c5 Windows \u5b89\u88c5\u7a0b\u5e8f\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-9-DownloadingWireGuardWindowsinstaller-e72a77e9003d2dbf97866256d961abc6.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u4e0b\u8f7d WireGuard Windows \u5b89\u88c5\u7a0b\u5e8f\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-9-DownloadingWireGuardWindowsinstaller-e72a77e9003d2dbf97866256d961abc6.png\" alt=\"\u4e0b\u8f7d WireGuard Windows \u5b89\u88c5\u7a0b\u5e8f\" width=\"789\" height=\"238\" \/><\/a><\/p>\n<p>\u56fe 9.\u00a0\u4e0b\u8f7d WireGuard Windows \u5b89\u88c5\u7a0b\u5e8f<\/p>\n<p>\u5b89\u88c5\u540e\uff0c\u4f1a\u5728\u4efb\u52a1\u680f\u7684\u901a\u77e5\u533a\u57df\u4e2d\u770b\u5230 WireGuard \u56fe\u6807\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11223.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11223.png\" alt=\"\" width=\"187\" height=\"34\" \/><\/a><\/p>\n<p>\u56fe 10.\u00a0\u4efb\u52a1\u680f\u4e0a\u7684 WireGuard \u56fe\u6807<\/p>\n<h4 id=\"32-configuring-wireguard-windows-client\">3.2\u914d\u7f6e WireGuard Windows\u5ba2\u6237\u7aef<\/h4>\n<p>\u542f\u52a8 WireGuard \u5e94\u7528\u7a0b\u5e8f\uff0c\u7136\u540e\u5355\u51fb\u201c\u96a7\u9053\u201d\u9009\u9879\u5361\u4e2d\u663e\u793a\u7684Add Tunnel\u6309\u94ae\u65c1\u8fb9\u7684\u5411\u4e0b\u7bad\u5934\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11224.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11224.png\" alt=\"\" width=\"664\" height=\"515\" \/><\/a><\/p>\n<p>\u56fe 11.\u00a0\u5728 Windows \u5ba2\u6237\u7aef\u4e0a\u914d\u7f6e WireGuard<\/p>\n<p>\u70b9\u51fbAdd empty tunnel:<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11225.png\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/11225.png\" alt=\"\" width=\"292\" height=\"478\" \/><\/a><\/p>\n<p>\u56fe 12.\u00a0\u6dfb\u52a0\u7a7a\u96a7\u9053<\/p>\n<p>\u4f1a\u81ea\u52a8\u521b\u5efa\u4e00\u4e2a\u516c\u94a5\/\u79c1\u94a5\u5bf9\uff0c\u5e76\u663e\u793a\u5728\u5c4f\u5e55\u4e0a\u3002<\/p>\n<div>\n<div>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-13-CreatingnewWireGuardtunnelonWindowsclient-5cf273c5c414c899249311268118cf9d.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 Windows \u5ba2\u6237\u7aef\u4e0a\u521b\u5efa\u65b0\u7684 WireGuard \u96a7\u9053\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-13-CreatingnewWireGuardtunnelonWindowsclient-5cf273c5c414c899249311268118cf9d.png\" alt=\"\u5728 Windows \u5ba2\u6237\u7aef\u4e0a\u521b\u5efa\u65b0\u7684 WireGuard \u96a7\u9053\" width=\"668\" height=\"517\" \/><\/a><\/p>\n<\/div>\n<\/div>\n<p>\u56fe 13.\u00a0\u5728 Windows \u5ba2\u6237\u7aef\u4e0a\u521b\u5efa\u65b0\u7684 WireGuard \u96a7\u9053<\/p>\n<p>\u4e3a\u96a7\u9053\u8f93\u5165\u4e00\u4e2a\u4ec5\u5305\u542b\u5b57\u6bcd\u6570\u5b57\u5b57\u7b26\uff08\u65e0\u7a7a\u683c\u6216\u6807\u70b9\u7b26\u53f7\uff09\u7684\u540d\u79f0\uff0c\u4f8b\u5982MyWireGuard\uff0c\u7136\u540e\u7f16\u8f91\u914d\u7f6e\u5982\u4e0b\uff1a<\/p>\n<div>\n<div>\n<pre tabindex=\"0\">[Interface]\r\n\r\nPrivateKey = CLIENT_PRIVATE_KEY\r\n\r\nAddress = 10.0.0.11\/24\r\n\r\nDNS = 10.0.0.1\r\n\r\n  \r\n\r\n[Peer]\r\n\r\nPublicKey = SERVER_PUBLIC_KEY\r\n\r\nEndpoint = SERVER_IP_ADDRESS:51820\r\n\r\nAllowedIPs = 0.0.0.0\/0\r\n\r\n<\/pre>\n<p>\u63a5\u53e3\u90e8\u5206\u7684\u5b57\u6bb5\u8bf4\u660e\u5982\u4e0b\uff1a<\/p>\n<\/div>\n<\/div>\n<ul>\n<li>PrivateKey\uff1aWindows \u5ba2\u6237\u7aef\u7684\u79c1\u94a5\u3002<\/li>\n<li>PublicKey\uff1aWindows \u5ba2\u6237\u7aef\u7684\u516c\u94a5\u3002\u7136\u540e\u5fc5\u987b\u5c06\u516c\u94a5\u590d\u5236\u5230OPNsense\u4e0a\u76f8\u5173\u5ba2\u6237\u7aef\u5bf9\u7b49\u70b9\u7684\u7684\u7aef\u70b9\u914d\u7f6e\u4e2d\u3002<\/li>\n<li>Address\uff1a\u6b64\u5ba2\u6237\u7aef\u7684VPN IP\u5730\u5740\u3002\u5b83\u5728\u6240\u6709\u5ba2\u6237\u7aef\u4e2d\u5fc5\u987b\u662f\u552f\u4e00\u7684\u3002\u662f\u5728 OPNsense\u7684\u7aef\u70b9\u914d\u7f6e\u4e2d\u6307\u5b9a\u4e3a\u5141\u8bb8 IP \u7684 IP\u3002<\/li>\n<li>DNS\uff1a\u5ba2\u6237\u7aef\u7528\u4e8e\u96a7\u9053\u7684DNS\u670d\u52a1\u5668\u7684IP \u5730\u5740\u3002\u5728\u672c\u4f8b\u4e2d\uff0c\u4f7f\u7528\u5728OPNsense WireGuard\u670d\u52a1\u5668\u4e0a\u8fd0\u884c\u7684 DNS \u670d\u52a1\u5668\u3002<\/li>\n<\/ul>\n<p>peer\u90e8\u5206\u7684\u5b57\u6bb5\u8bf4\u660e\u5982\u4e0b\uff1a<\/p>\n<ul>\n<li>PublicKey\uff1aOPNsense WireGuard\u670d\u52a1\u5668\u7684\u516c\u94a5\uff08\u672c\u4f8b\u4e2d\u5982\u56fe8\u6240\u793a\uff0c\u4e3a\uff1afyKJ4c6sXTVRTJla6zQ9wi4okRPRd\/GsMbTMszjhAgA=\uff09\u3002<\/li>\n<li>Endpoint\uff1a OPNsense \u670d\u52a1\u5668\u7684WAN\u63a5\u53e3IP\u5730\u5740\uff0c\u540e\u8ddf\u5192\u53f7\u548c WireGuard \u7aef\u53e3 ( 51820)\u3002<\/li>\n<li>AllowedIPs:\u00a00.0.0.0\/0\u00a0: \u6307\u5b9a\u5e94\u901a\u8fc7 VPN \u8def\u7531\u7684 IP \u5730\u5740\u30020.0.0.0\/0\u5141\u8bb8\u6240\u6709\u901a\u4fe1\uff0c\u5e76\u901a\u8fc7 VPN \u8def\u7531\u6240\u6709\u5185\u5bb9\u3002<\/li>\n<\/ul>\n<h4 id=\"33-block-untunneled-traffickill-switch-option\">3.3\u963b\u6b62\u975e\u96a7\u9053\u6d41\u91cf\u9009\u9879<\/h4>\n<p>\u5728\u7f16\u8f91\u96a7\u9053\u7a97\u53e3\u4e2d\uff0c\u6709\u4e00\u4e2aBlock untunneled traffic\u9009\u9879\u3002\u5f53 AllowedIPs \u8bbe\u7f6e\u4e3a0.0.0.0\/0\u65f6\uff0c\u53ef\u4ee5\u542f\u7528\u6b64\u9009\u9879\u3002\u542f\u7528\u8be5\u9009\u9879\uff0cWireGuard \u5ba2\u6237\u7aef\u4f1a\u6dfb\u52a0 Windows \u9632\u706b\u5899\u89c4\u5219\u6765\u963b\u6b62\u6240\u6709\u4e0d\u8fdb\u51fa\u96a7\u9053\u63a5\u53e3\u7684\u6d41\u91cf\u3002\u8fd9\u6837\u5b83\u53ef\u4ee5\u9632\u6b62\u5728VPN\u4e4b\u5916\u610f\u5916\u53d1\u9001IP\u6570\u636e\u5305\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-14-WireGuardTunnelconfigurationonWindowsclient-1edcfc58dbae34ebe558ea1177e5c08b.png\"><img loading=\"lazy\" decoding=\"async\" title=\"Windows \u5ba2\u6237\u7aef\u4e0a\u7684 WireGuard \u96a7\u9053\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-14-WireGuardTunnelconfigurationonWindowsclient-1edcfc58dbae34ebe558ea1177e5c08b.png\" alt=\"Windows \u5ba2\u6237\u7aef\u4e0a\u7684 WireGuard \u96a7\u9053\u914d\u7f6e\" width=\"674\" height=\"523\" \/><\/a><\/p>\n<p>\u56fe 14.Windows \u5ba2\u6237\u7aef\u4e0a\u7684 WireGuard Tunnel \u914d\u7f6e<\/p>\n<p>\u5b8c\u6210\u540e\uff0c\u5355\u51fbSave\u6309\u94ae\u3002<\/p>\n<h2 id=\"4-adding-wireguard-endpointclient-peer-configuration-to-the-server\">4.\u5c06Windows\u5ba2\u6237\u7aef\u914d\u7f6e\u6dfb\u52a0\u5230\u670d\u52a1\u5668<\/h2>\n<p>\u5c06Windows\u5ba2\u6237\u7aef\u7684\u516c\u94a5\u548c IP \u5730\u5740\u6dfb\u52a0\u5230\u670d\u52a1\u5668\uff0c\u6309\u4ee5\u4e0b\u6b65\u9aa4\u64cd\u4f5c\uff1a<\/p>\n<ul>\n<li>\u5bfc\u822a\u5230VPN-&gt;\u00a0WireGuard-&gt; Endpoints<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-15-AddingWireGuardendpointconfigurationonOPNsense-959a011a2bbc49ef275676d644ca3b19.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u6dfb\u52a0 WireGuard \u7aef\u70b9\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-15-AddingWireGuardendpointconfigurationonOPNsense-959a011a2bbc49ef275676d644ca3b19.png\" alt=\"\u5728 OPNsense \u4e0a\u6dfb\u52a0 WireGuard \u7aef\u70b9\u914d\u7f6e\" width=\"1912\" height=\"633\" \/><\/a><\/p>\n<p>\u56fe 15.\u00a0\u5728 OPNsense \u4e0a\u6dfb\u52a0 WireGuard \u7aef\u70b9\u914d\u7f6e<\/p>\n<ul>\n<li>\u5355\u51fb \u4ee5\u6dfb\u52a0\u65b0\u7aef\u70b9<\/li>\n<li>\u8f93\u5165Name\u4fe1\u606f\uff0c\u4f8b\u5982MyWindows\u3002<\/li>\n<li>\u8f93\u5165\u4e0a\u9762\u7684 Windows WireGuard \u5ba2\u6237\u7aef\u914d\u7f6e\u671f\u95f4\u751f\u6210\u7684\u516c\u94a5\uff0c\u672c\u793a\u4f8b\u4e3a\uff1aHtuNHzBxW ZcKMjOc5wbXZTFL4qKNbmzo\/6XoR\/cyEE=.<\/li>\n<li>\u5c06Allowed IPs\u8bbe\u7f6e\u4e3a\u4e0eWindows WireGuard \u5ba2\u6237\u7aef\u914d\u7f6e\u76f8\u540c\u7684IP\u5730\u5740\uff0c\u672c\u793a\u4f8b\u4e3a 10.0.0.11\/32<\/li>\n<li>\u5355\u51fbSave\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-16-SettingWireGuardEndpointWindowsconfigurationonOPNsense-c8535bc938d187281bd3b8f7a210de8c.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u8bbe\u7f6e WireGuard Endpoint(Windows) \u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-16-SettingWireGuardEndpointWindowsconfigurationonOPNsense-c8535bc938d187281bd3b8f7a210de8c.png\" alt=\"\u5728 OPNsense \u4e0a\u8bbe\u7f6e WireGuard Endpoint(Windows) \u914d\u7f6e\" width=\"1105\" height=\"673\" \/><\/a><\/p>\n<p>\u56fe 16.\u5728 OPNsense\u4e0a\u914d\u7f6eWireGuard Endpoint(Windows)<\/p>\n<h2 id=\"5-configuring-wireguard-android-client\">5.\u914d\u7f6eWireGuard Android\u5ba2\u6237\u7aef<\/h2>\n<p>\u60a8\u53ef\u4ee5\u6309\u7167\u4ee5\u4e0b\u6b65\u9aa4\u8f7b\u677e\u914d\u7f6e\u79fb\u52a8\u8bbe\u5907\u4e0a\u7684 WireGuard \u5e94\u7528\u7a0b\u5e8f\u4ee5\u8fde\u63a5 VPN<\/p>\n<h4 id=\"51-download-and-install-wireguard-application-on-android-device\">5.1 Android\u8bbe\u5907<\/h4>\n<p>\u4ece\u8bbe\u5907\u4e0a\u83b7\u53d6\u5e76\u5b89\u88c5\u5b98\u65b9\u5e94\u7528\u7a0b\u5e8f\uff0c\u56fd\u5185\u7684\u5e94\u7528\u5546\u5e97\u53ef\u80fd\u4e0d\u63d0\u4f9b\u8be5\u7a0b\u5e8f\uff0c\u53ef\u4ee5\u5355\u72ec\u4e0b\u8f7d\u9002\u7528\u4e8eAndroid\u8bbe\u5907\u7684apk\u7a0b\u5e8f\u8fdb\u884c\u5b89\u88c5\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-17-InstallingWireGuardAndroidApplicationfromPlaystore-e22a7dd2630f7a64b669b0801e2840c5.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u4ece Playstore \u5b89\u88c5 WireGuard Android \u5e94\u7528\u7a0b\u5e8f\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-17-InstallingWireGuardAndroidApplicationfromPlaystore-e22a7dd2630f7a64b669b0801e2840c5.png\" alt=\"\u4ece Playstore \u5b89\u88c5 WireGuard Android \u5e94\u7528\u7a0b\u5e8f\" width=\"757\" height=\"1600\" \/><\/a><\/p>\n<p>\u56fe 17.\u00a0\u4ece Playstore\u4e0a\u5b89\u88c5 WireGuard Android \u5e94\u7528\u7a0b\u5e8f<\/p>\n<h4 id=\"52-configuring-wireguard-client-on-android\">5.2 Android\u914d\u7f6eWireGuard \u5ba2\u6237\u7aef<\/h4>\n<p>\u5b89\u88c5 WireGuard \u5e94\u7528\u7a0b\u5e8f\u540e\uff0c\u6211\u4eec\u9700\u8981\u4e3a VPN \u96a7\u9053\u6dfb\u52a0\u4e00\u4e2a\u65b0\u7684\u914d\u7f6e\u6587\u4ef6\u3002\u5355\u51fb\u84dd\u8272\u7684+ \u56fe\u6807\u6309\u94ae\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-18-AddingWireGuardtunnelforAndroidclient-c0d33ed26d061b68499a8729b9e5b67a.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u4e3a Android \u5ba2\u6237\u7aef\u6dfb\u52a0 WireGuard \u96a7\u9053\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-18-AddingWireGuardtunnelforAndroidclient-c0d33ed26d061b68499a8729b9e5b67a.png\" alt=\"\u4e3a Android \u5ba2\u6237\u7aef\u6dfb\u52a0 WireGuard \u96a7\u9053\" width=\"757\" height=\"1600\" \/><\/a><\/p>\n<p>\u56fe 18.\u4e3a Android \u5ba2\u6237\u7aef\u6dfb\u52a0 WireGuard \u96a7\u9053<\/p>\n<p>\u4f1a\u6253\u5f00\u4e00\u4e2a\u65b0\u9875\u9762\u6765\u914d\u7f6e\u96a7\u9053\u3002\u6253\u5f00\u5e95\u90e8\u7684Creating From Scratch\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-19-Creatingtunnelconfigurationfromscratch-e6c3caf09bbd155b2e10096252277a06.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u626b\u63cf\u4e8c\u7ef4\u7801\u5bfc\u5165\u96a7\u9053\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-19-Creatingtunnelconfigurationfromscratch-e6c3caf09bbd155b2e10096252277a06.png\" alt=\"\u4ece\u5934\u5f00\u59cb\u521b\u5efa\u96a7\u9053\u914d\u7f6e\" width=\"757\" height=\"1600\" \/><\/a><\/p>\n<p>\u56fe 19.\u00a0\u4ece\u5934\u5f00\u59cb\u521b\u5efa\u96a7\u9053\u914d\u7f6e<\/p>\n<ul>\n<li>\u8f93\u5165Name\u4fe1\u606f\uff0c\u5982MyWireGuard\u3002<\/li>\n<li>\u5355\u51fb\u53f3\u7aef\u7684\u5237\u65b0\u56fe\u6807\uff0c\u751f\u6210\u516c\u94a5\/\u79c1\u94a5\u5bf9\u3002<\/li>\n<li>\u8bbe\u7f6e\u5730\u5740\uff0c\u5982 10.0.0.12\u3002<\/li>\n<li>\u8bbe\u7f6eDNS\uff0c\u5982 10.0.0.1\u3002<\/li>\n<li>\u70b9\u51fb\u5e95\u90e8\u7684Add Peer\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-20-WireGuardclientconfigurationonAndroiddevice-e642d8a78e89c39011e70fe043381bd3-e1642493096697.png\"><img loading=\"lazy\" decoding=\"async\" title=\"Android \u8bbe\u5907\u4e0a\u7684 WireGuard \u5ba2\u6237\u7aef\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-20-WireGuardclientconfigurationonAndroiddevice-e642d8a78e89c39011e70fe043381bd3-e1642493096697.png\" alt=\"Android \u8bbe\u5907\u4e0a\u7684 WireGuard \u5ba2\u6237\u7aef\u914d\u7f6e\" width=\"756\" height=\"1164\" \/><\/a><\/p>\n<p>\u56fe 20.\u00a0Android \u8bbe\u5907\u4e0a\u7684 WireGuard \u5ba2\u6237\u7aef\u914d\u7f6e<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-21-AddingpeerconfigurationtoWireGuardclientonAndroiddevice-b38febebaaaa4fd3fa1052c350aa2e81.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 Android \u8bbe\u5907\u4e0a\u5411 WireGuard \u5ba2\u6237\u7aef\u6dfb\u52a0\u5bf9\u7b49\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-21-AddingpeerconfigurationtoWireGuardclientonAndroiddevice-b38febebaaaa4fd3fa1052c350aa2e81.png\" alt=\"\u5728 Android \u8bbe\u5907\u4e0a\u5411 WireGuard \u5ba2\u6237\u7aef\u6dfb\u52a0\u5bf9\u7b49\u914d\u7f6e\" width=\"757\" height=\"1600\" \/><\/a><\/p>\n<p>\u56fe 21. \u00a0Android \u8bbe\u5907\u4e0a\u7684 WireGuard \u5ba2\u6237\u7aef\u6dfb\u52a0\u5bf9\u7aef\u914d\u7f6e<\/p>\n<p>\u63a5\u53e3\u90e8\u5206\u7684\u5b57\u6bb5\u8bf4\u660e\u5982\u4e0b\uff1a<\/p>\n<ul>\n<li>PrivateKey\uff1aandroid\u5ba2\u6237\u7aef\u7684\u79c1\u94a5\u3002<\/li>\n<li>PublicKey : android\u5ba2\u6237\u7aef\u7684\u516c\u94a5\u3002\u7136\u540e\u5fc5\u987b\u5c06\u516c\u94a5\u590d\u5236\u5230OPNsense\u4e0a\u76f8\u5173\u5ba2\u6237\u7aef\u5bf9\u7b49\u70b9\u7684\u7684\u7aef\u70b9\u914d\u7f6e\u4e2d\u3002<\/li>\n<li>Address\uff1a\u6b64\u5ba2\u6237\u7aef\u7684VPN IP\u5730\u5740\u3002\u5b83\u5728\u6240\u6709\u5ba2\u6237\u7aef\u4e2d\u5fc5\u987b\u662f\u552f\u4e00\u7684\u3002\u662f\u5728 OPNsense\u7684\u7aef\u70b9\u914d\u7f6e\u4e2d\u6307\u5b9a\u4e3a\u5141\u8bb8IP\u7684IP\u3002<\/li>\n<li>DNS\uff1a\u5ba2\u6237\u7aef\u7528\u4e8e\u96a7\u9053\u7684DNS\u670d\u52a1\u5668\u7684IP \u5730\u5740\u3002\u5728\u672c\u4f8b\u4e2d\uff0c\u4f7f\u7528\u5728OPNsense WireGuard\u670d\u52a1\u5668\u4e0a\u8fd0\u884c\u7684DNS\u670d\u52a1\u5668\u3002<\/li>\n<\/ul>\n<p>peer\u90e8\u5206\u7684\u5b57\u6bb5\u8bf4\u660e\u5982\u4e0b\uff1a<\/p>\n<ul>\n<li>PublicKey\uff1aOPNsense WireGuard \u670d\u52a1\u5668\u7684\u516c\u94a5\u3002<\/li>\n<li>Endpoint:\uff1aOPNsense \u670d\u52a1\u5668\u7684WAN\u63a5\u53e3\u5730\u5740\uff0c\u540e\u8ddf\u5192\u53f7\u548cWireGuard \u7aef\u53e3 (51820)\u3002<\/li>\n<li>AllowedIPs: \u00a0\u6307\u5b9a\u901a\u8fc7VPN \u8def\u7531\u7684 IP \u5730\u5740\u30020.0.0.0\/0 \u5141\u8bb8\u6240\u6709\u5730\u5740\uff0c\u5e76\u901a\u8fc7 VPN \u8def\u7531\u6240\u6709\u5185\u5bb9\u3002<\/li>\n<li>\u70b9\u51fb\u5c4f\u5e55\u53f3\u4e0a\u89d2\u7684\u4fdd\u5b58\u56fe\u6807\u3002<\/li>\n<\/ul>\n<div>\n<h2>6.\u5c06Android\u5ba2\u6237\u7aef\u914d\u7f6e\u6dfb\u52a0\u5230\u670d\u52a1\u5668<\/h2>\n<\/div>\n<p>\u5c06Android\u5ba2\u6237\u7aef\u7684\u516c\u94a5\u548c IP \u5730\u5740\u6dfb\u52a0\u5230\u670d\u52a1\u5668\uff0c\u6309\u7167\u4ee5\u4e0b\u6b65\u9aa4\u64cd\u4f5c\uff1a<\/p>\n<ul>\n<li>\u5bfc\u822a\u5230VPN-&gt;\u00a0WireGuard-&gt; \u3002Endpoints<\/li>\n<li>\u5355\u51fb \u6dfb\u52a0\u65b0\u7aef\u70b9<\/li>\n<li>\u8f93\u5165Name\u4fe1\u606f\uff0c\u4f8b\u5982MyAndroid\u3002<\/li>\n<li>\u8f93\u5165\u4e0a\u4e00\u6b65 Android WireGuard \u5ba2\u6237\u7aef\u914d\u7f6e\u671f\u95f4\u751f\u6210\u7684\u516c\u94a5\uff0c\u672c\u4f8b\u4e3a\uff1arQdjEcn7UMbIverQ4D0FKfz fkGLxClArwDsXCNf DE=.<\/li>\n<li>Allowed IPs\u586b\u5165\u4e0a\u9762Android WireGuard \u5ba2\u6237\u7aef\u914d\u7f6e\u4e2d\u7684\u5730\u5740\u5b57\u6bb5\uff0c\u5728\u672c\u4f8b\u4e2d\u4e3a10.0.0.12\/32<\/li>\n<li>\u5355\u51fbSave\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-22-SettingWireGuardEndpointAndroidconfigurationonOPNsense-5e7a92980f80e7221ed767b681903213.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u8bbe\u7f6e WireGuard Endpoint(Android) \u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-22-SettingWireGuardEndpointAndroidconfigurationonOPNsense-5e7a92980f80e7221ed767b681903213.png\" alt=\"\u5728 OPNsense \u4e0a\u8bbe\u7f6e WireGuard Endpoint(Android) \u914d\u7f6e\" width=\"1107\" height=\"669\" \/><\/a><\/p>\n<p>\u56fe 22.\u00a0\u5728 OPNsense\u4e0a\u914d\u7f6e WireGuard Endpoint(Android)<\/p>\n<p>\u73b0\u5728\uff0c\u5728 OPNsense VPN-&gt;\u00a0WireGuard-&gt;Endpoints\u9009\u9879\u5361\u4e0b\uff0c\u53ef\u4ee5\u67e5\u770b\u6240\u6709\u5df2\u914d\u7f6e\u7684 WireGuard VPN \u7aef\u70b9\uff0cMyWindows\u548cMyAndroid\u3002<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-23-WireGuardendpointslistonOPNsense-edafe4c1fb6fc546679d311f82285a91.png\"><img loading=\"lazy\" decoding=\"async\" title=\"OPNsense \u4e0a\u7684 WireGuard \u7aef\u70b9\u5217\u8868\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-23-WireGuardendpointslistonOPNsense-edafe4c1fb6fc546679d311f82285a91.png\" alt=\"OPNsense \u4e0a\u7684 WireGuard \u7aef\u70b9\u5217\u8868\" width=\"1913\" height=\"695\" \/><\/a><\/p>\n<p>\u56fe 23.\u00a0OPNsense \u4e0a\u7684 WireGuard \u7aef\u70b9\u5217\u8868<\/p>\n<h2 id=\"7-adding-peersvpn-clients-to-server-local-configuration-on-opnsense\">7.\u5728OPNsense\u4e0a\u6dfb\u52a0\u8fdc\u7a0b\u7aef\u70b9<\/h2>\n<p>\u5728OPNsense \u9632\u706b\u5899\u4e0a\u5b9a\u4e49\u7aef\u70b9\u540e\uff0c\u8fd8\u8981\u6309\u7167\u4ee5\u4e0b\u6b65\u9aa4\u5c06\u6bcf\u4e2a\u7aef\u70b9\u6dfb\u52a0\u5230 WireGuard VPN \u670d\u52a1\u5668\u672c\u5730\u914d\u7f6e\u3002<\/p>\n<ul>\n<li>\u5bfc\u822a\u5230VPN-&gt;\u00a0WireGuard-&gt;Local\u9009\u9879\u5361\u3002<\/li>\n<li>\u70b9\u51fbMyWireGuard\u53f3\u4fa7\u7684\u94c5\u7b14\u56fe\u6807\u7f16\u8f91vpn \u914d\u7f6e\u3002<\/li>\n<li>\u4ecePeers\u4e0b\u62c9\u83dc\u5355\u4e2d\u9009\u62e9\u65b0\u521b\u5efa\u7684\u4e24\u4e2a\u7aef\u70b9\u3002MyWindows\u548cMyAndroid\u3002<\/li>\n<li>\u5355\u51fbSave\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-24-AddingPeersEndpointstoWireGuardVPNServerlocalconfiguration-d1ff1a17435c3b6973708774cf4221eb.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5c06 Peers\uff08\u7aef\u70b9\uff09\u6dfb\u52a0\u5230 WireGuard VPN Server \u672c\u5730\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-24-AddingPeersEndpointstoWireGuardVPNServerlocalconfiguration-d1ff1a17435c3b6973708774cf4221eb.png\" alt=\"\u5c06 Peers\uff08\u7aef\u70b9\uff09\u6dfb\u52a0\u5230 WireGuard VPN Server \u672c\u5730\u914d\u7f6e\" width=\"1108\" height=\"723\" \/><\/a><\/p>\n<p>\u56fe 24.\u00a0\u5c06 Peers\uff08\u7aef\u70b9\uff09\u6dfb\u52a0\u5230 WireGuard VPN Server \u672c\u5730\u914d\u7f6e<\/p>\n<ul>\n<li>\u5355\u51fbApply\u3002<\/li>\n<\/ul>\n<h2 id=\"8-enabling-wireguard-server-on-opnsense\">8.\u5728OPNsense\u4e0a\u542f\u7528WireGuard<\/h2>\n<ol>\n<li>\u5bfc\u822a\u5230VPN-&gt;\u00a0WireGuard-&gt;General\u9009\u9879\u5361\u3002<\/li>\n<li>\u5355\u51fbEnable WireGuard\u590d\u9009\u6846\u3002<\/li>\n<li>\u5355\u51fbApply\u3002<\/li>\n<\/ol>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-25-EnablingWireGuardServeronOPNsense-88ab32ad0ddfec4f1e5acebd4f0b4755.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u542f\u7528 WireGuard \u670d\u52a1\u5668\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-25-EnablingWireGuardServeronOPNsense-88ab32ad0ddfec4f1e5acebd4f0b4755.png\" alt=\"\u5728 OPNsense \u4e0a\u542f\u7528 WireGuard \u670d\u52a1\u5668\" width=\"1908\" height=\"567\" \/><\/a><\/p>\n<p>\u56fe 25.\u00a0\u5728 OPNsense \u4e0a\u542f\u7528 WireGuard \u670d\u52a1\u5668<\/p>\n<h2 id=\"9-creating-wireguard-interface-on-opnsense\">9.\u521b\u5efa WireGuard \u63a5\u53e3<\/h2>\n<div>\n<div>\n<p>\u5982\u679c\u53ea\u9700\u8981\u901a\u8fc7 WireGuard \u8bbf\u95eeLAN\uff0c\u800c\u4e0d\u662f\u672c\u5730\u7f51\u7edc\u4e4b\u5916\u7684 IP\uff0c\u4f8b\u5982\u516c\u5171\u4e92\u8054\u7f51\uff0c\u53ef\u4ee5\u8df3\u8fc7\u6b64\u6b65\u9aa4\u3002<\/p>\n<\/div>\n<\/div>\n<div>\n<div>\n<p>\u5728 OPNsense\u4e0a\u521b\u5efa WireGuard \u63a5\u53e3\uff0c\u5b83\u53ef\u4ee5\uff1a<\/p>\n<\/div>\n<div>\n<ul>\n<li>\u4e3a\u96a7\u9053\u5b50\u7f51\u521b\u5efa\u4e00\u4e2a\u522b\u540d\uff0c\u7136\u540e\u53ef\u4ee5\u5728\u9632\u706b\u5899\u89c4\u5219\u4e2d\u4f7f\u7528\u8be5\u522b\u540d\u3002\u5426\u5219\uff0c\u5c31\u5fc5\u987b\u521b\u5efa\u81ea\u5df1\u7684\u522b\u540d\u6216\u624b\u52a8\u6307\u5b9a\u5b50\u7f51\u3002<\/li>\n<li>\u53ef\u4ee5\u81ea\u52a8\u6dfb\u52a0 IPv4 \u51fa\u7ad9 NAT \u89c4\u5219\uff0c\u5141\u8bb8\u96a7\u9053\u8bbf\u95ee\u672c\u5730\u7f51\u7edc\u4e4b\u5916\u7684 IPv4 IP\uff08\u5982\u679c\u9700\u8981\uff09\uff0c\u800c\u65e0\u9700\u624b\u52a8\u6dfb\u52a0\u89c4\u5219\u3002<\/li>\n<li>\u5b83\u53ef\u4ee5\u5206\u79bb\u6bcf\u4e2a WireGuard \u5b9e\u4f8b\u7684\u9632\u706b\u5899\u89c4\u5219\uff08\u6bcf\u4e2awgX\u8bbe\u5907\uff09\u3002\u5426\u5219\uff0c\u5b83\u4eec\u90fd\u5fc5\u987b\u5728OPNsense\u521b\u5efa\u7684\u9ed8\u8ba4 WireGuard \u7ec4\u4e0a\u8fdb\u884c\u914d\u7f6e\u3002<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<p>\u8981\u521b\u5efa WireGuard \u63a5\u53e3\uff0c\u53ef\u4ee5\u6309\u7167\u4ee5\u4e0b\u6b65\u9aa4\u64cd\u4f5c\uff1a<\/p>\n<ul>\n<li>\u5bfc\u822a\u5230Interfaces-&gt;Assignments<\/li>\n<li>\u5728\u65c1\u8fb9\u7684\u4e0b\u62c9\u83dc\u5355\u4e2d\u9009\u62e9 WireGuard \u8bbe\u5907\uff08\u5982wg0\uff09<\/li>\n<li>\u6dfb\u52a0\u63cf\u8ff0\uff0c\u4f8b\u5982\u00a0MyWireGuard<\/li>\n<li>\u70b9\u51fb \u6dfb\u52a0<\/li>\n<li>\u70b9\u51fb\u00a0Save<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-26-CreatingWireGuardinterfaceonOPNsense-9261bbdfa8034ab52a824636578a7bf7.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u521b\u5efa WireGuard \u63a5\u53e3\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-26-CreatingWireGuardinterfaceonOPNsense-9261bbdfa8034ab52a824636578a7bf7.png\" alt=\"\u5728 OPNsense \u4e0a\u521b\u5efa WireGuard \u63a5\u53e3\" width=\"1912\" height=\"649\" \/><\/a><\/p>\n<p>\u56fe 26.\u00a0\u5728 OPNsense \u4e0a\u521b\u5efa WireGuard \u63a5\u53e3<\/p>\n<ul>\n<li>\u5728 Interfaces \u83dc\u5355\u4e0b\u9009\u62e9\u65b0\u63a5\u53e3\uff0c\u5355\u51fb\u8fdb\u884c\u914d\u7f6e\u3002<\/li>\n<li>\u5355\u51fb\u542f\u7528\u63a5\u53e3\u3002<\/li>\n<li>\u9009\u4e2dLock\u9009\u9879\u3002<\/li>\n<li>\u5c06\u5176\u4ed6\u9009\u9879\u4fdd\u7559\u4e3a\u9ed8\u8ba4\u503c\u3002<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-27-ConfiguringtheWireGuardinterfaceonOPNsense-9405a9e85793302d70bf6245a79440d4.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u914d\u7f6e WireGuard \u63a5\u53e3\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-27-ConfiguringtheWireGuardinterfaceonOPNsense-9405a9e85793302d70bf6245a79440d4.png\" alt=\"\u5728 OPNsense \u4e0a\u914d\u7f6e WireGuard \u63a5\u53e3\" width=\"1357\" height=\"902\" \/><\/a><\/p>\n<p>\u56fe 27.\u00a0\u5728 OPNsense \u4e0a\u914d\u7f6e WireGuard \u63a5\u53e3<\/p>\n<div>\n<div>\n<p>\u65e0\u9700\u5728WireGuard \u63a5\u53e3\u4e0a\u914d\u7f6e IP \u5730\u5740\u3002\u91cd\u65b0\u542f\u52a8Local WireGuard \u670d\u52a1\u540e\uff0c\u60a8\u7684 WireGuard \u670d\u52a1\u5668\u914d\u7f6e\u4e2d\u6307\u5b9a\u7684\u96a7\u9053\u5730\u5740\u4f1a\u81ea\u52a8\u5206\u914d\u7ed9\u63a5\u53e3\u3002<\/p>\n<\/div>\n<\/div>\n<ul>\n<li>\u5355\u51fbApply changes\u6fc0\u6d3b\u65b0\u7684\u63a5\u53e3\u8bbe\u7f6e\u3002<\/li>\n<li>\u5bfc\u822a\u5230VPN-&gt;\u00a0WireGuard-&gt;General\u9009\u9879\u5361\u3002<\/li>\n<li>\u901a\u8fc7\u53d6\u6d88\u9009\u4e2dEnable WireGuard\u590d\u9009\u6846\u7981\u7528 WireGuard \u3002<\/li>\n<li>\u901a\u8fc7\u9009\u4e2dEnable WireGuard\u590d\u9009\u6846\u542f\u7528 WireGuard<\/li>\n<\/ul>\n<h2 id=\"10-creating-firewall-rules\">10.\u521b\u5efa\u9632\u706b\u5899\u89c4\u5219<\/h2>\n<p>\u5728OPNsense \u8282\u70b9\u4e0a\u5b9a\u4e49\u4ee5\u4e0b\u4e24\u4e2a\u9632\u706b\u5899\u89c4\u5219\u3002<\/p>\n<ol>\n<li>WAN \u63a5\u53e3\u4e0a\u7684\u9632\u706b\u5899\u89c4\u5219\uff0c\u5141\u8bb8\u5ba2\u6237\u7aef\u8fde\u63a5\u5230 OPNsense WireGuard \u670d\u52a1\u5668\u3002<\/li>\n<li>\u5141\u8bb8\u5ba2\u6237\u7aef\u8bbf\u95ee\u4ed6\u4eec\u5e94\u8be5\u6709\u6743\u8bbf\u95ee\u7684\u4efb\u4f55IP\u5730\u5740\u7684\u9632\u706b\u5899\u89c4\u5219\u3002\u6b64\u89c4\u5219\u662f\u53ef\u9009\u7684\uff0c\u53ef\u80fd\u5e76\u4e0d\u9700\u8981\u5141\u8bb8\u5ba2\u6237\u7aef\u8bbf\u95ee\u5185\u90e8\u7f51\u7edc\u3002<\/li>\n<\/ol>\n<h4 id=\"101-allowing-vpn-clients-to-access-the-opnsense-wireguard-server\">10.1 \u5141\u8bb8VPN\u5ba2\u6237\u7aef\u8bbf\u95eeWireGuard\u670d\u52a1\u5668<\/h4>\n<p>\u8981\u5141\u8bb8\u4ece\u516c\u5171\u7f51\u7edc\u8bbf\u95eeWireGuard\/OpenVPN VPN \u670d\u52a1\u5668\uff0c\u9700\u8981\u5728WAN\u63a5\u53e3\u4e0a\u653e\u884cWireGuard\u6240\u4f7f\u7528\u7684\u7aef\u53e3\uff0c\u5728\u672c\u4f8b\u4e2d\u4e3a51820\u3002\u5982\u4e0b\u56fe\u6240\u793a\uff08\u793a\u4f8b\u4e3a\u591aWan\uff0c\u5141\u8bb8\u4eceWan1\u8fde\u63a5\uff09\uff1a<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Jietu20220118-114513.jpg\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Jietu20220118-114513.jpg\" alt=\"\" width=\"1258\" height=\"305\" \/><\/a><\/p>\n<h4 id=\"102-allowing-vpn-clients-to-access-the-internal-networks\">10.2 \u5141\u8bb8VPN\u5ba2\u6237\u7aef\u8bbf\u95ee\u5185\u90e8\u7f51\u7edc<\/h4>\n<p>\u5982\u679c\u5e0c\u671bWireGuard VPN \u5ba2\u6237\u7aef\u80fd\u591f\u8fde\u63a5\u5230\u7f51\u7edc\u4e0a\u7684\u4efb\u4f55\u8bbe\u5907\uff0c\u5219\u5fc5\u987b\u521b\u5efa\u53e6\u5916\u7684\u9632\u706b\u5899\u89c4\u5219\u6765\u5141\u8bb8\u6b64\u7c7b\u8bbf\u95ee\u3002\u5728\u9632\u706b\u5899\u89c4\u5219\u4e2d\uff0c\u5bfc\u822a\u5230\u521b\u5efa\u7684WireGuard \u63a5\u53e3\uff0c\u4f8b\u5982 MyWireGuard\u3002\u5355\u51fb+\u56fe\u6807\u6dfb\u52a0\u4e00\u6761\u65b0\u89c4\u5219\u6765\u5141\u8bb8\u5bf9\u4efb\u610f\u76ee\u6807\u7684\u8bbf\u95ee\u3002\u5982\u4e0b\u56fe\u6240\u793a\uff1a<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-28-DefiningfirewallruletoallowallVPNclientstoaccessanywhere-1-640a39e0e8ba7ffc03e8ecc7d50c3042.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5b9a\u4e49\u9632\u706b\u5899\u89c4\u5219\u4ee5\u5141\u8bb8\u6240\u6709 VPN \u5ba2\u6237\u7aef\u8bbf\u95ee\u4efb\u4f55\u5730\u65b9-1\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-28-DefiningfirewallruletoallowallVPNclientstoaccessanywhere-1-640a39e0e8ba7ffc03e8ecc7d50c3042.png\" alt=\"\u5b9a\u4e49\u9632\u706b\u5899\u89c4\u5219\u4ee5\u5141\u8bb8\u6240\u6709 VPN \u5ba2\u6237\u7aef\u8bbf\u95ee\u4efb\u4f55\u5730\u65b9-1\" width=\"819\" height=\"900\" \/><\/a><\/p>\n<p>\u56fe 28.\u00a0\u5b9a\u4e49\u9632\u706b\u5899\u89c4\u5219\u6765\u5141\u8bb8\u6240\u6709 VPN \u5ba2\u6237\u7aef\u8bbf\u95ee\u4efb\u610f\u7f51\u7edc-1<\/p>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-29-DefiningfirewallruletoallowallVPNclientstoaccessanywhere-2-58446c9b133287f1c3fc6da85990de9b.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5b9a\u4e49\u9632\u706b\u5899\u89c4\u5219\u4ee5\u5141\u8bb8\u6240\u6709 VPN \u5ba2\u6237\u7aef\u8bbf\u95ee\u4efb\u4f55\u5730\u65b9-2\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-29-DefiningfirewallruletoallowallVPNclientstoaccessanywhere-2-58446c9b133287f1c3fc6da85990de9b.png\" alt=\"\u5b9a\u4e49\u9632\u706b\u5899\u89c4\u5219\u4ee5\u5141\u8bb8\u6240\u6709 VPN \u5ba2\u6237\u7aef\u8bbf\u95ee\u4efb\u4f55\u5730\u65b9-2\" width=\"1165\" height=\"887\" \/><\/a><\/p>\n<p>\u56fe 29. \u5b9a\u4e49\u9632\u706b\u5899\u89c4\u5219\u6765\u5141\u8bb8\u6240\u6709 VPN \u5ba2\u6237\u7aef\u8bbf\u95ee\u4efb\u610f\u7f51\u7edc-2<\/p>\n<ul>\n<li>\u5355\u51fbsave\uff0c\u5e76Apply Changes\u6765\u6fc0\u6d3b\u8bbe\u7f6e\u3002<\/li>\n<\/ul>\n<h2 id=\"11-verifying-the-wireguard-setup-on-opnsense\">11.\u5728OPNsense\u4e0a\u9a8c\u8bc1WireGuard<\/h2>\n<p>WireGuard VPN \u670d\u52a1\u5668\u914d\u7f6e\u548c\u5ba2\u6237\u7aef\u914d\u7f6e\u5b8c\u6210\u3002\u8981\u6d4b\u8bd5\u914d\u7f6e\uff0c\u60a8\u53ef\u4ee5\u6309\u7167\u4ee5\u4e0b\u6b65\u9aa4\u64cd\u4f5c\u3002<\/p>\n<ol>\n<li>\u6fc0\u6d3bWireGuard Windows\u5ba2\u6237\u7aef\uff1aPC\u8fde\u63a5\u5230VPN\u670d\u52a1\u5668\uff0c\u6253\u5f00WireGuard \u5e94\u7528\u7a0b\u5e8f\uff0c\u627e\u5230MyWireGuard\uff0c\u901a\u8fc7\u5355\u51fbActivate\u6309\u94ae\u6253\u5f00\u96a7\u9053\u3002\u5bf9\u7aef\u8fde\u63a5\u540e\uff0c\u96a7\u9053Status\u5c06\u66f4\u6539\u4e3aActive\u3002<\/li>\n<\/ol>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-30-ActivatingWireGuardtunnelonWindowsclient-157fde1c77449ea5ce2133447e90d32c.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 Windows \u5ba2\u6237\u7aef\u4e0a\u6fc0\u6d3b WireGuard \u96a7\u9053\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-30-ActivatingWireGuardtunnelonWindowsclient-157fde1c77449ea5ce2133447e90d32c.png\" alt=\"\u5728 Windows \u5ba2\u6237\u7aef\u4e0a\u6fc0\u6d3b WireGuard \u96a7\u9053\" width=\"666\" height=\"520\" \/><\/a><\/p>\n<p>\u56fe 30.\u5728 Windows \u5ba2\u6237\u7aef\u4e0a\u6fc0\u6d3b WireGuard \u96a7\u9053<\/p>\n<ol start=\"2\">\n<li>\u6fc0\u6d3b WireGuard Android \u5ba2\u6237\u7aef\uff1aAndroid \u8bbe\u5907\u8fde\u63a5 VPN \u670d\u52a1\u5668\uff0c\u542f\u52a8 WireGuard \u5e94\u7528\u7a0b\u5e8f\uff0c\u5355\u51fbMyWireGuard\u53f3\u4fa7\u7684\u5207\u6362\u6309\u94ae\u6253\u5f00\u96a7\u9053\u3002<\/li>\n<\/ol>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-31-ActivatingWireGuardtunnelonAndroidclient-50f14194d0b48e854d00ce3761176768-e1642493057293.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 Android \u5ba2\u6237\u7aef\u4e0a\u6fc0\u6d3b WireGuard \u96a7\u9053\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-31-ActivatingWireGuardtunnelonAndroidclient-50f14194d0b48e854d00ce3761176768-e1642493057293.png\" alt=\"\u5728 Android \u5ba2\u6237\u7aef\u4e0a\u6fc0\u6d3b WireGuard \u96a7\u9053\" width=\"744\" height=\"380\" \/><\/a><\/p>\n<p>\u56fe 31.\u00a0\u5728 Android \u5ba2\u6237\u7aef\u4e0a\u6fc0\u6d3b WireGuard \u96a7\u9053<\/p>\n<ol start=\"3\">\n<li>\u5728OPNsense\u4e0a\u67e5\u770bVPN\u8fde\u63a5\uff1a\u5bfc\u822a\u5230VPN-&gt;\u00a0WireGuard-&gt;List Configuration\u9009\u9879\u5361\u3002\u53ef\u4ee5\u770b\u5230\u6709\u5173\u5df2\u8fde\u63a5 VPN \u5ba2\u6237\u7aef\u7684\u4fe1\u606f\u3002\u663e\u793a\u4ee5\u4e0b\u8be6\u7ec6\u4fe1\u606f\uff1a<\/li>\n<\/ol>\n<ul>\n<li>\u5bf9\u7b49\u70b9\uff08\u516c\u94a5\uff09<\/li>\n<li>\u5df2\u8fde\u63a5\u5ba2\u6237\u7aef\u7684 IP \u5730\u5740<\/li>\n<li>\u81ea\u4e0a\u6b21\u8fde\u63a5\u4ee5\u6765\u7684\u65f6\u95f4<\/li>\n<li>\u4f20\u8f93\u7684\u6570\u636e\u91cf<\/li>\n<\/ul>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-32-ConnectedWireGaurdVPNclientslistconfigurationonOPNsense-3ab786d4f97d5022497cf8397dc6c526.png\"><img loading=\"lazy\" decoding=\"async\" title=\"OPNsense \u4e0a\u5df2\u8fde\u63a5\u7684 WireGaurd VPN \u5ba2\u6237\u7aef\u5217\u8868\u914d\u7f6e\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-32-ConnectedWireGaurdVPNclientslistconfigurationonOPNsense-3ab786d4f97d5022497cf8397dc6c526.png\" alt=\"OPNsense \u4e0a\u5df2\u8fde\u63a5\u7684 WireGaurd VPN \u5ba2\u6237\u7aef\u5217\u8868\u914d\u7f6e\" width=\"973\" height=\"660\" \/><\/a><\/p>\n<p>\u56fe 32.\u00a0OPNsense \u4e0a\u5df2\u8fde\u63a5\u7684 WireGaurd VPN \u5ba2\u6237\u7aef\u5217\u8868\u914d\u7f6e<\/p>\n<ol start=\"4\">\n<li>\u63e1\u624b\uff1a\u5355\u51fbHandshakes\u9009\u9879\u5361\u3002\u63e1\u624b\u6b21\u6570\u4e0d\u5e94\u7b49\u4e8e 0\uff0c\u800c\u4e14\u8fd8\u5e94\u8be5\u4e0d\u65ad\u589e\u52a0\u3002<\/li>\n<\/ol>\n<p><a href=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-33-ViewinghandshakesforWireGuardVPNconnectionsonOPNsense-c33b331cf392f6e2df5f29a240427158.png\"><img loading=\"lazy\" decoding=\"async\" title=\"\u5728 OPNsense \u4e0a\u67e5\u770b WireGuard VPN \u8fde\u63a5\u7684\u63e1\u624b\" src=\"https:\/\/blog.pfchina.org\/wp-content\/uploads\/2022\/01\/Figure-33-ViewinghandshakesforWireGuardVPNconnectionsonOPNsense-c33b331cf392f6e2df5f29a240427158.png\" alt=\"\u5728 OPNsense \u4e0a\u67e5\u770b WireGuard VPN \u8fde\u63a5\u7684\u63e1\u624b\" width=\"1043\" height=\"582\" \/><\/a><\/p>\n<p>\u56fe 33.\u00a0\u5728 OPNsense \u4e0a\u67e5\u770b WireGuard VPN \u8fde\u63a5\u63e1\u624b<\/p>\n<ol start=\"5\">\n<li>Ping \u6d4b\u8bd5\uff1a\u53ef\u4ee5\u4ece\u5ba2\u6237\u7aef\u6210\u529fping WireGuard \u670d\u52a1\u5668\uff0c\u53cd\u4e4b\u4ea6\u7136\uff1a<\/li>\n<li>\u5185\u90e8\u7f51\u7edc\u8bbf\u95ee\u6d4b\u8bd5\uff1a\u7531\u4e8e\u6211\u4eec\u5141\u8bb8 VPN \u5ba2\u6237\u7aef\u4e0d\u53d7\u4efb\u4f55\u9650\u5236\u5730\u8bbf\u95ee\u9632\u706b\u5899\u540e\u9762\u7684\u5185\u90e8\u7f51\u7edc\uff0c\u56e0\u6b64\u4ed6\u4eec\u5e94\u8be5\u80fd\u591f\u8bbf\u95ee\u5c40\u57df\u7f51\u4e2d\u7684\u4efb\u610f\u5730\u5740\uff0c\u53cd\u4e4b\u4ea6\u7136\u3002<\/li>\n<\/ol>\n<div>\u539f\u6587<a href=\"https:\/\/www.sunnyvalley.io\/docs\/network-security-tutorials\/how-to-setup-wireguard-on-opnsense\">\u5730\u5740<\/a><\/div>\n<div>\n<p>\u89c6\u9891<a href=\"https:\/\/www.youtube.com\/watch?v=b58PpuIsQ3A&amp;ab_channel=0x2142-NetworkingNonsense\">\u6559\u7a0b<\/a><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>WireGuard \u662f\u4e00\u79cd\u7b80\u5355\u5feb\u901f\u7684VPN\u534f\u8bae\uff0c\u91c7\u7528\u73b0\u4ee3\u52a0\u5bc6\u6280\u672f\uff0c\u6bd4 IPsec &hellip; <a href=\"https:\/\/blog.pfchina.org\/?p=8187\">\u7ee7\u7eed\u9605\u8bfb <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[101],"class_list":["post-8187","post","type-post","status-publish","format-standard","hentry","category-opnsense","tag-wireguard"],"_links":{"self":[{"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=\/wp\/v2\/posts\/8187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=8187"}],"version-history":[{"count":4,"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=\/wp\/v2\/posts\/8187\/revisions"}],"predecessor-version":[{"id":12173,"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=\/wp\/v2\/posts\/8187\/revisions\/12173"}],"wp:attachment":[{"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=8187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=8187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.pfchina.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=8187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}