Airvpn config generator install#
Please note that you will need to flash the latest release of libreCMC in order to install WireGuard packages from the libreCMC repository. AirVPN is a privacy friendly VPN service that aims to protect your privacy and has support for WireGuard. WireGuard is similar to OpenVPN, but newer and faster. Once we have done it, we click on save, and we will be able to see all the settings made.These directions have been thoroughly tested on a TPE-R1200 and TPE-R1300 mini wireless router running libreCMC v1.5.8 and AirVPN with a WireGuard configuration (and many newer releases as well). We also have a button to exclude private IPs. Allowed IPs: if we want to put all of them, we put 0.0.0.0/0.Final point: we must put “IP: port†syntax, therefore, we can put: “:51820â€.Persistent maintenance: keep alive, it is recommended to leave it blank.Pre-shared key: if we have not configured, we leave it blank, if we have configured we copy it exactly the same.Peers – The public key of the VPN server.Now we click on add pair, and more configurations will be displayed, these configurations are those of the VPN server. DNS servers: we can put a specific DNS server, or directly that resolves the tunnel.Addresses: the client’s IPv4 or IPv6, in this case, we have previously configured 10.9.0.2/32, we put this.Public key: when entering the private key, it generates it automatically.Private key: we put the private key that we have previously copied from the notepad.Name: we will put a description to the VPN tunnel, a descriptive name in case we have several.When adding a new VPN, we must fill in all or almost all the information that it asks us, it is the VPN client: We add a new rule with the following information: Firewall Configuration on WAN and WireGuardīefore connecting the first VPN client, we must go to “Firewall / Rules†and add a new rule on the Internet WAN interface. Once we have correctly configured the WireGuard VPN server in pfSense 2.5.0, we are going to configure the firewall part, because by default it is always in block everything mode. We cannot put the pre-shared key “12345678†for example, we must use the pfSense generator. In our case, we have not put a pre-shared key, but if you put it, both in the pfSense and in the VPN client it must be exactly the same, and we must generate this key with the blue button that comes in the pfSense. Pre-shared key: optional, you can add a pre-shared key to further enhance security.Peer WireGuard Address: the IP address of the registered peer.The most normal thing is that remote access VPN clients go to the Internet through the VPN itself, but here we can configure specific access to different networks. Alloweds IPs: if we want there to be internet redirection and access to all networks, we put 0.0.0.0/0.Public Key: we must put the public key of the VPN client, previously you have seen how it is generated for the client, because here we will put the public key.Now the pfSense 2.5.0 development team have incorporated WireGuard into their system by default, although previously we could also install it, but we did not have official support.
Lastly, this new VPN is compatible with multiple operating systems like Windows, Linux, MacOS, FreeBSD, Android, and also iOS. In addition, we can also enable the Kill-Switch to prevent data leaks if the VPN goes down. Other interesting features are that it allows roaming between networks quickly and easily, to always be connected from any WiFi or 4G / LTE network without interrupting the connection.
Of course, the WireGuard server can be behind the NAT without problems, only a port forwarding would have to be done.
With this new VPN we will not need to manage the connections or make difficult configurations, it only works in tunneling mode because it is an 元 VPN, and uses the UDP protocol as a transport layer and does not allow selecting TCP, what we can do is modify the port of listen for whoever we want. As you have seen, we have the most modern cryptographic algorithms used by default, and we cannot change it for others at the moment, they must be these yes or yes. It also makes use of Curve25519 for ECDH, BLAKE2 for hashing, SipHash24 for hashtable keys, and HKDF for key derivation. Regarding the cryptography used, we have ChaCha20 for symmetric encryption, authenticated with Poly1305, so we have AEAD.
0 kommentar(er)
