\u958b\u767a\u7528\u306e\u7aef\u672b\u3092\u3001https:\/\/dev.xxxx.xxxx.jp \u306e\u3088\u3046\u306b\u4f7f\u3046\u305f\u3081\u306binterlink\u3067\u56fa\u5b9aIP\u5316\u3057\u3066\u3044\u305f\u306e\u3060\u3051\u3069\u3001\u9045\u304f\u3066\u4f7f\u3048\u306a\u3044\uff08\u305f\u307e\u306b\u3064\u306a\u304c\u3089\u306a\u3044\u3057\uff09\u306a\u306e\u3067\u3001aws \u3092gateway\u306b\u3057\u3066\u3000VPN\u3092\u4f5c\u3063\u305f\u3002<\/p>\n\n\n\n
\u30dd\u30a4\u30f3\u30c8\u306f\u3001\u56fa\u5b9aIP\u3067\u5165\u308b\u3068\u81ea\u5206\u306e\u7aef\u672b\u306b\u6765\u308b\u3002<\/p>\n\n\n\n
\u306a\u306e\u3067\u3001https:\/\/dev.xxx.xxx.xxx \u306e\u3088\u3046\u306bssl\u3092\u4f7f\u3046\u3053\u3068\u304c\u3067\u304d\u308b\u3002
\u51fa\u3066\u884c\u304f\u6642\u306f\u3001\u56fa\u5b9aIP\u306a\u306e\u3067VPN\u3068\u3057\u3066\u4f7f\u3048\u308b\u3002\u3061\u306a\u307f\u306bSSL\u304c\u304b\u304b\u3063\u3066\u3044\u308b\u306e\u3067\u6697\u53f7\u5316\u3082\u3055\u308c\u3066\u3044\u308b\u3002<\/p>\n\n\n\n
\u4f7f\u3063\u305f\u306e\u306f\u3001wireguard<\/p>\n\n\n\n
\u51e6\u7406\u306f\u4ee5\u4e0b\u306e\u901a\u308a<\/p>\n\n\n\n
apt update
apt install wireguard -y<\/pre>\n\n\n\n
\n\n\n\n\u2462 \u30b5\u30fc\u30d0\u8a2d\u5b9a<\/h1>\n\n\n\n
\ud83d\udcc4
\/etc\/wireguard\/wg0.conf<\/code><\/h2>\n\n\n\n[Interface]
PrivateKey = iJw4IUUSMd9mfGufOHdtMePSAYFOXmqUe7gIHLqYQHo=
Address = 10.0.0.1\/24
ListenPort = 51820
# ===== NAT\uff08\u56fa\u5b9aIP\u3067\u5916\u306b\u51fa\u308b\uff09=====
PostUp = iptables -t nat -A POSTROUTING -o ens5 -j MASQUERADE; iptables -A FORWARD -i wg0 -o ens5 -j ACCEPT; iptables -A FORWARD -i ens5 -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -A PREROUTING -i ens5 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80; iptables -t nat -A PREROUTING -i ens5 -p tcp --dport 443 -j DNAT --to-destination 10.0.0.2:443; iptables -A FORWARD -i ens5 -o wg0 -p tcp -d 10.0.0.2 --dport 80 -j ACCEPT; iptables -A FORWARD -i ens5 -o wg0 -p tcp -d 10.0.0.2 --dport 443 -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o ens5 -j MASQUERADE; iptables -D FORWARD -i wg0 -o ens5 -j ACCEPT; iptables -D FORWARD -i ens5 -o wg0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; iptables -t nat -D PREROUTING -i ens5 -p tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80; iptables -t nat -D PREROUTING -i ens5 -p tcp --dport 443 -j DNAT --to-destination 10.0.0.2:443; iptables -D FORWARD -i ens5 -o wg0 -p tcp -d 10.0.0.2 --dport 80 -j ACCEPT; iptables -D FORWARD -i ens5 -o wg0 -p tcp -d 10.0.0.2 --dport 443 -j ACCEPT
[Peer]
PublicKey = QuvNVBysz2iR+TqiV6WGMoZZPEkXzgZ9AHFrX+EM2n4=
AllowedIPs = 10.0.0.2\/32<\/pre>\n\n\n\n
\n\n\n\n\u2463 IP\u30d5\u30a9\u30ef\u30fc\u30c9\u6709\u52b9\u5316<\/h1>\n\n\n\n
echo 'net.ipv4.ip_forward=1' >> \/etc\/sysctl.conf
sysctl -p<\/pre>\n\n\n\n
\n\n\n\n\u2464 WireGuard\u8d77\u52d5<\/h1>\n\n\n\n
wg-quick up wg0<\/pre>\n\n\n\n\u81ea\u52d5\u8d77\u52d5\uff1a<\/p>\n\n\n\n
systemctl enable wg-quick@wg0<\/pre>\n\n\n\n
\n\n\n\n\u2465 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u8a2d\u5b9a<\/h1>\n\n\n\n
[Interface]
PrivateKey = 2Dh\/4hrFgEaos6aE1KuLjH3gc+wLy9\/eliCUXI+EMmk=
Address = 10.0.0.2\/24
DNS = 1.1.1.1
[Peer]
PublicKey = P4x7XyqPvoIByw2k\/b+2K16zGFJXh69jUnz+onPzHFQ=
AllowedIPs = 0.0.0.0\/0
Endpoint = 54.249.219.224:51820
PersistentKeepalive = 25<\/pre>\n\n\n\n
\n\n\n\n\u2466 \u52d5\u4f5c\u78ba\u8a8d<\/h1>\n\n\n\n
\u5916\u5411\u304dIP\u78ba\u8a8d\uff08\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\uff09<\/h2>\n\n\n\n
curl -4 ifconfig.me<\/pre>\n\n\n\n\ud83d\udc49 AWS\u306eIP\u304c\u51fa\u308c\u3070OK<\/p>\n\n\n\n
\n\n\n\n\u53d7\u4fe1\u78ba\u8a8d<\/h2>\n\n\n\n
http:\/\/54.249.219.224<\/pre>\n\n\n\n\ud83d\udc49 Mac\u306eWeb\u30b5\u30fc\u30d0\u304c\u8868\u793a\u3055\u308c\u308b<\/p>\n\n\n\n
\n\n\n\n\ud83c\udfaf \u6700\u7d42\u69cb\u6210<\/h1>\n\n\n\n
\u5916\u90e8 \u2192 AWS \u2192 (DNAT) \u2192 Mac
Mac \u2192 AWS \u2192 (MASQUERADE) \u2192 \u5916\u90e8<\/pre>\n\n\n\n\ud83d\udc49 \u5b8c\u5168\u56fa\u5b9aIP\u53cc\u65b9\u5411\u901a\u4fe1<\/strong><\/p>\n\n\n\n
<\/p>\n\n\n\n
<\/p>\n\n\n\n
\u3053\u308c\u3067\u3001interlink\u3060\u3068\u300010MBPS\u4ee5\u4e0b\u3060\u3063\u305f\u306e\u304c\u3001t3small\u3067300MBps\u304f\u3089\u3044\u3067\u308b\u3002<\/p>\n\n\n\n
type5 Wifi\u306a\u306e\u3067\u3001\u751f\u3060\u3068800~900M\u304f\u3089\u3044\u306a\u306e\u3060\u3051\u3069\u3002<\/p>\n\n\n\n
\u3061\u306a\u307f\u306bC6Large\u306b\u3059\u308b\u30681G\u51fa\u308b\u3002\uff08\u6709\u7dda\u3060\u3068VPS\u4f7f\u308f\u306a\u3044\u30682GBps\u304f\u3089\u3044\uff09<\/p>\n\n\n\n
MAC\u3060\u3068\u3001\u304d\u3061\u3093\u3068\u3001VPS\u6271\u3044\u306b\u306a\u3063\u3066\u305f\u3002<\/p>\n\n\n\n
<\/p>\n\n\n\n
<\/p>\n\n\n\n
<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
\u958b\u767a\u7528\u306e\u7aef\u672b\u3092\u3001https:\/\/dev.xxxx.xxxx.jp \u306e\u3088\u3046\u306b\u4f7f\u3046\u305f\u3081\u306binterlink\u3067\u56fa\u5b9aIP\u5316\u3057\u3066\u3044\u305f\u306e\u3060\u3051\u3069\u3001\u9045\u304f\u3066\u4f7f\u3048\u306a\u3044\uff08\u305f\u307e\u306b\u3064\u306a\u304c\u3089\u306a\u3044\u3057\uff09\u306a\u306e\u3067\u3001aws \u3092gateway\u306b\u3057\u3066\u3000VPN\u3092\u4f5c\u3063\u305f\u3002 \u30dd\u30a4\u30f3\u30c8\u306f\u3001\u56fa\u5b9aIP\u3067\u5165\u308b\u3068\u81ea\u5206\u306e\u7aef\u672b\u306b\u6765\u308b\u3002 \u306a\u306e\u3067\u3001https:\/\/dev.xxx.xxx.xxx \u306e\u3088\u3046\u306bssl\u3092\u4f7f\u3046\u3053\u3068\u304c\u3067\u304d\u308b\u3002\u51fa\u3066\u884c\u304f\u6642\u306f\u3001\u56fa\u5b9aIP\u306a\u306e\u3067VPN\u3068\u3057\u3066\u4f7f\u3048\u308b\u3002\u3061\u306a\u307f\u306bSSL\u304c\u304b\u304b\u3063\u3066\u3044\u308b\u306e\u3067\u6697\u53f7\u5316\u3082\u3055\u308c\u3066\u3044\u308b\u3002 \u4f7f\u3063\u305f\u306e\u306f\u3001.. \u7d9a\u304d\u3092\u8aad\u3080<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/kitayama.jp\/index.php?rest_route=\/wp\/v2\/posts\/638"}],"collection":[{"href":"https:\/\/kitayama.jp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kitayama.jp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kitayama.jp\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kitayama.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=638"}],"version-history":[{"count":4,"href":"https:\/\/kitayama.jp\/index.php?rest_route=\/wp\/v2\/posts\/638\/revisions"}],"predecessor-version":[{"id":644,"href":"https:\/\/kitayama.jp\/index.php?rest_route=\/wp\/v2\/posts\/638\/revisions\/644"}],"wp:attachment":[{"href":"https:\/\/kitayama.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kitayama.jp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kitayama.jp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}