summaryrefslogtreecommitdiff
path: root/docs/vpn/wireguard.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/vpn/wireguard.rst')
-rw-r--r--docs/vpn/wireguard.rst8
1 files changed, 7 insertions, 1 deletions
diff --git a/docs/vpn/wireguard.rst b/docs/vpn/wireguard.rst
index afd9abfd..3580fac3 100644
--- a/docs/vpn/wireguard.rst
+++ b/docs/vpn/wireguard.rst
@@ -74,7 +74,7 @@ one.
set interfaces wireguard wg01 address '10.1.0.1/24'
set interfaces wireguard wg01 description 'VPN-to-wg02'
set interfaces wireguard wg01 peer to-wg02 allowed-ips '10.2.0.0/24'
- set interfaces wireguard wg01 peer to-wg02 address '192.168.0.142:12345'
+ set interfaces wireguard wg01 peer to-wg02 address '192.168.0.142'
set interfaces wireguard wg01 peer to-wg02 port '12345'
set interfaces wireguard wg01 peer to-wg02 pubkey 'XMrlPykaxhdAAiSjhtPlvi30NVkvLQliQuKP7AI7CyI='
set interfaces wireguard wg01 port '12345'
@@ -85,6 +85,10 @@ through the WireGuard interface `wg01`. Multiple IPs or networks can be
defined and routed, the last check is allowed-ips which either prevents
or allows the traffic.
+.. note:: You can not assign the same allowed-ips statement to multiple
+ WireGuard peers. This a a design decission. For more information please
+ check the `WireGuard mailing list`_.
+
To use a named key on an interface, the option private-key needs to be
set.
@@ -257,3 +261,5 @@ Operational commands
vyos@wg01# wireguard keypair default
+
+.. _`WireGuard mailing list`: https://lists.zx2c4.com/pipermail/wireguard/2018-December/003704.html
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-23 04:02:20 +0000