www.shivaserv.fr

Some stuff about OpenSource & Linux...

No comments

To be very quick, this is a very little howto to create Wireguard VPN.

First on both client and server you need to generate a private and associated public key.

# wg genkey > host_private.key
# wg pubkey < host_private.key > host_public.key

On the server, create a config file, for example myhome.conf on /etc/wireguard, with following content:

[Interface]
# Address for server and mask
Address = 10.11.12.1/24
# Port to listen on (open on FW on UDP)
ListenPort = 1234
# Private key for server (content)
PrivateKey = dsfsdfdssfdfsd

[Peer]
# Public key for client (content)
PublicKey = dfdsfsdsdfdffddfssfd
# How is allowed to connect / IP for client on the same network as server. It can be a network
AllowedIPs = 10.11.12.10/32
# Force to send packets every x sec to keep the tunnel up
PersistentKeepalive = x

For the server, create a config file too on /etc/wireguard

[Interface]
# Client address. Same as AllowedIPs on server (with mask)
Address = 10.11.12.10/24
# Private key for client (content)
PrivateKey = dsfdslalzlelk

[Peer]
# Host to connect
Endpoint = myserver.com:1234
# Public key for server (content)
PublicKey = dldlkmsdlkmdsmlds
# How is allowed (the server)
AllowedIPs = 10.11.12.1/32

On each machine, you can enable systemd service with wg-quick@confname (without .conf).

Check the network interface, with ip commands.

You can have more infos with "wg" command.

Enjoy

For more info, check https://www.wireguard.com/

No comments

It's quite simple to create a wifi access point with hostapd on Linux.
But when we want to create multiple SSID using the same adapter, it's quite tricky if you don't know correctly how to do it.

This tuto is under Debian 9.

We will assume wlan0 is our dongle, and we want to create 2 SSID.
wlan0 will be used for the first one, and wlan0_0 for the second.

On the network interface configuration file, create the interfaces, as "allow-hotplug".

auto wlan0
iface wlan0 inet static
  address 10.0.0.1
  netmask 255.255.255.0

auto wlan0_0
allow-hotplug wlan0_0
iface wlan0_0 inet static
  address 10.0.1.1
  netmask 255.255.255.0

For the hostapd configuration, create the file /etc/hostapd/hostapd.conf, and declare it as "DAEMON_CONF" on /etc/default/hostapd.

Here, we will create two "test" SSID :

interface=wlan0
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0
hw_mode=g
channel=ac_survey            # the channel to use
ieee80211d=1          # limit the frequencies used to those allowed in the country
country_code=FR       # the country code
ieee80211n=1          # 802.11n support
ieee80211ac=1         # 802.11ac support
wmm_enabled=1         # QoS support


ssid=Mifirstwifi
wpa=2
wpa_passphrase=mygreatpassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
rsn_pairwise=CCMP
beacon_int=100
auth_algs=1

bss=wlan0_0
ssid=MysecondWifi
wpa=2
wpa_passphrase=mysecondgreatpassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
rsn_pairwise=CCMP
beacon_int=100
auth_algs=1


Now, you need to configure your DHCP server ;) See the config of the soft you're using.. (isc-dhcp-server, dnsmasq... ).
Don't forget your firewall too.

That's it ;)