pufferffish / wireproxy

Wireguard client that exposes itself as a socks5 proxy
ISC License

Allow multiple peers, tunnels, and proxies #47

Closed jordemort closed 2 years ago

jordemort commented 2 years ago

Tested with multiple peers, tunnels, and allowed IPs in my home network

pufferffish commented 2 years ago

Would you happen to have an example config for testing out multiple peers / tunnels?

jordemort commented 2 years ago

Sure, here's a heavily redacted version of what I'm running:

[Interface]
Address = 10.254.254.40/32
PrivateKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=

[Peer]
Endpoint = 192.168.0.204:51820
PublicKey = YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY=
AllowedIPs = 10.254.254.100/32
PersistentKeepalive = 25

[Peer]
PublicKey = ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ=
AllowedIPs = 10.254.254.1/32, fdee:1337:c000:d00d::1/128
Endpoint = 172.16.0.185:44044
PersistentKeepalive = 25

[TCPServerTunnel]
ListenPort = 5000
Target = service-one.servicenet:5000

[TCPServerTunnel]
ListenPort = 5001
Target = service-two.servicenet:5001

[TCPServerTunnel]
ListenPort = 5080
Target = service-three.servicenet:80

I've got a big server at home and a smallish VPS in the cloud. I want to expose some, but not all, of the services that I have on my big server to my VPS. With wireproxy, I can pick off specific ports and forward them to the VPS without putting my whole big server on the same VPN as it and potentially exposing more than I intended.

jordemort commented 2 years ago

In the example config, the services on 10.254.254.40 are accessible to both peers at .1 and .100
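An added example, not part of the thread and not wireproxy's own code: a small audit sketch that reads a config with repeated `[Peer]` and `[TCPServerTunnel]` sections and lists which peer source prefixes can reach which forwarded ports, following the last comment's point that every peer can reach every tunnel on the interface address. The function names, the placeholder keys and the "wider than one host" check are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample shaped like the redacted config above; keys are placeholders.
SAMPLE = """\
[Interface]
Address = 10.254.254.40/32
[Peer]
PublicKey = <peer-one>
AllowedIPs = 10.254.254.100/32
[Peer]
PublicKey = <peer-two>
AllowedIPs = 10.254.254.1/32, fdee:1337:c000:d00d::1/128
[TCPServerTunnel]
ListenPort = 5000
Target = service-one.servicenet:5000
[TCPServerTunnel]
ListenPort = 5080
Target = service-three.servicenet:80
"""

def parse_sections(text):
    """Return [(name, {key: value})] in file order, keeping repeated sections."""
    sections = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1], {}))
        elif "=" in line and sections:
            key, _, value = line.partition("=")  # base64 keys end in "=": split once
            sections[-1][1][key.strip()] = value.strip()
    return sections

def exposure(sections):
    """Pair each tunnel with each peer AllowedIPs entry; flag non-host ones (assumed policy)."""
    tunnels = [(int(s["ListenPort"]), s["Target"]) for n, s in sections if n == "TCPServerTunnel"]
    sources = [ipaddress.ip_network(a.strip(), strict=False)
               for n, s in sections if n == "Peer"
               for a in s.get("AllowedIPs", "").split(",") if a.strip()]
    pairs = [(port, target, str(src)) for port, target in tunnels for src in sources]
    wide = [str(src) for src in sources if src.num_addresses > 1]
    return pairs, wide

if __name__ == "__main__":
    pairs, wide = exposure(parse_sections(SAMPLE))
    for port, target, src in pairs:
        print(f"{src} -> ListenPort {port} -> {target}")
    print("AllowedIPs wider than one host:", wide or "none")
```

Sections are kept as an ordered list because Python's standard `configparser` rejects duplicate section names in strict mode and merges them otherwise, which would hide all but one peer or tunnel from the audit.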