Hi all,
I am trying to initiate a connection to a WireGuard server through SSH commands to my GL.iNet router.
Please allow me to clarify that whenever I initiate the connection from the web UI, everything works fine.
I am using the following script, where I define a few variables and use them throughout the script.
WG_IF="vpn"
WG_SERV="W.G.I.P"
WG_PORT="51820"
WG_ADDR="10.66.217.8/32"
WG_DNS="1.1.1.1,1.0.0.1"
WG_KEY="My private_key" #Private Key *
WG_PUB="MY public_key" #Public Key *
WG_PSK="MY PSK" #PSK *
# Configure firewall
uci rename firewall.@zone[0]="lan"
uci rename firewall.@zone[1]="wan"
uci del_list firewall.wan.network="${WG_IF}"
uci add_list firewall.wan.network="${WG_IF}"
uci commit firewall
/etc/init.d/firewall restart
# Configure network
uci delete network.${WG_IF}
uci set network.${WG_IF}="interface"
uci set network.${WG_IF}.proto="wireguard"
uci set network.${WG_IF}.private_key="${WG_KEY}"
uci add_list network.${WG_IF}.addresses="${WG_ADDR}"
# Add VPN peers
uci delete network.wgserver
uci set network.wgserver="wireguard_${WG_IF}"
uci set network.wgserver.public_key="${WG_PUB}"
uci set network.wgserver.preshared_key="${WG_PSK}"
uci set network.wgserver.endpoint_host="${WG_SERV}"
uci set network.wgserver.endpoint_port="${WG_PORT}"
uci set network.wgserver.dns="${WG_DNS}"
uci set network.wgserver.route_allowed_ips="1"
uci set network.wgserver.persistent_keepalive="25"
uci add_list network.wgserver.allowed_ips="0.0.0.0/0"
uci add_list network.wgserver.allowed_ips="::/0"
uci commit network
/etc/init.d/network restart
The server is working and I can hit it with no problem from the same device when I connect via the GUI. However, since we are planning to deploy this solution as an unattended project, we need to be able to set it up via SSH.
Please note that keys have been omitted from the post for security reasons.
Any help or pointers are highly appreciated. Thanks.