full image - Repost: How to use wireguard on UDMP via SSH without installing any additional software (from Reddit.com, How to use wireguard on UDMP via SSH without installing any additional software)
Mining:
Exchanges:
Donations:
I was out of town and needed to connect to my home network but with Teleport I can only connect my phone and not my linux laptop. With Termux and Teleport I could SSH in but I didn't want to mess with the software on my UDMP because I wasn't home to fix it if I messed anything up. Thankfully the UDMP now has wireguard built into the base linux OS.This is a non persistent setup. On reboot it will all be gone but I was able to create a wireguard server and connect to it from my laptop. I am not sure if this is the best way of doing it but it worked for me.-First I created a VLAN only network at 10.1.10.0-Then I SSHed into the UDMP using my phone and used the instructions at https://ift.tt/JOMRkCX as a guide to setup the wireguard link with the UDMP at 10.1.100.1-On the UDMP I setup a new port forwarding rule to forward the wireguard port I chose to that port at 10.1.100.1-In order for the port forward to actually work you need a firewall rule in Internet Local to accept all UDP traffic to 10.1.10.1 at the wireguard port.With that it started working. For the client side I made a config file and used wg-quick but I wanted to keep things all on the command line on the UDMP so I used the manual instructions. wg-quick is missing on the UDMP but if you want to use it it is just a bash script and could easily be copied over.It would actually be rather simple to make a bash script on your phone in Termux that sends all of the necessary commands to the UDMP to setup this link from scratch anytime it is needed and brings it down when done.I know this was more conceptual than actual instructions but I hope it helps someone.There are a few security implications of both this and Teleport that one should keep in mind. If you use LAN IN rules to segregate VLANS both wireguard and Teleport connections will not be blocked by them. This is because LAN IN rules only block traffic coming into the router from the LAN and this is routed on it. You may want to add some LAN OUT rules to block traffic where needed.Also it seems that when you turn a Teleport connection on via the Wifiman app it creates a persistent wireguard server on the UDMP and it destroys it when you turn it off. If you get disconnected from the Teleport connection which seems to happen all the time the wireguard server continues to run on the UDMP indefinitely. It isn't really a security issue unless someone can get your private key off your device somehow but it kind of defeats the whole purpose of them bothering to bring connections up and down vs just having a wireguard server running all the time.
Social Media Icons