Difference between revisions of "Wireguard"
Jump to navigation
Jump to search
Michael.mast (talk | contribs) (Created page with "==Rocky Linux== Dual NIC wireguard setup.") |
Michael.mast (talk | contribs) |
||
| Line 1: | Line 1: | ||
==Rocky Linux== | ==Rocky Linux== | ||
| − | Dual NIC wireguard setup. | + | Dual NIC wireguard setup |
| + | ===Prerequisite Network Config=== | ||
| + | *Configure the firewall to only allow the wireguard port, then move the internal interface to the internal zone. | ||
| + | <pre> | ||
| + | firewall-cmd --permanent --add-port=51820/udp --zone=public | ||
| + | firewall-cmd --permanent --remove-service=dhcpv6-client --zone=public | ||
| + | firewall-cmd --permanent --remove-service=cockpit --zone=public | ||
| + | firewall-cmd --permanent --zone=internal --change-interface=enp3s0 | ||
| + | </pre> | ||
Revision as of 16:55, 5 May 2025
Rocky Linux
Dual NIC wireguard setup
Prerequisite Network Config
- Configure the firewall to only allow the wireguard port, then move the internal interface to the internal zone.
firewall-cmd --permanent --add-port=51820/udp --zone=public firewall-cmd --permanent --remove-service=dhcpv6-client --zone=public firewall-cmd --permanent --remove-service=cockpit --zone=public firewall-cmd --permanent --zone=internal --change-interface=enp3s0
