From 23c36eed5c01d5972123470e41b5c508edf03e0e Mon Sep 17 00:00:00 2001 From: William Mantly Date: Fri, 31 Jul 2020 22:44:31 +0000 Subject: [PATCH] Update 'README.md' --- README.md | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 8e1dbd2..52ca7b1 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ ## Definitions +**todo** + VPN WireGuard routable @@ -26,7 +28,7 @@ This network rage will power the WireGuard network and does not need to routable on site. The last octet will match the site id. For the moment, all sites will be in -172.24.0.{site id} and the third octet reserved. +`172.24.0.{site id}` and the third octet reserved. ## Global site network @@ -43,7 +45,7 @@ The last octet will match the site id. For the moment, all sites will be in Site id has to match for local WireGuard node site id and the sites assigned site id. A lose Schema of this a site Schema should be created. At the moment, -if and how 10.{site id}.0.0/16 is broken up is up to the local site admin. +if and how `10.{site id}.0.0/16` is broken up is up to the local site admin. ## Private site network @@ -73,11 +75,32 @@ and This network range(s) are for private LAN nodes and should NOT be routable via the WireGuard VPN. The site admin is fully responsible for the management of -these networks. +these networks. The rest of this document will assume you have a private site +network of `192.168.1.0/24`. Any time you see `192.168.1.0/24` swap it for your +chosen private site network. -# Site config +# Site Configuration -# Usefull links +## WireGuard Node + +The wireGaurd node needs to get a static IP and be accessible on both the VPN +global network and should be accessible on the site private network. + +The IP of `10.{site id}.0.1` is reserved the WireGuard node. + +If you want the global VPN network to be accessible from the site private +network, the container needs to be address able on the site private network as +well. The recommended IP is .10. for example, if your default gateway is +`192.168.1.1`, the WireGaurd node should be `192.168.1.10`, if the gateway is +`172.16.0.1`, the WireGuard node should be `172.16.0.10`. + + +## Default Gateway + +A route entry for `10.0.0.0/8` - > `192.168.1.10` needs to be added if you wish +for the global VPN network to be accessible from the private site network. + +# Useful links https://en.wikipedia.org/wiki/Reserved_IP_addresses