44Net Connect/Quick Start/Debian based distributions: Difference between revisions
Created page and pasted some content from 44Net Connect/Quick Start/Raspberry Pi |
Move display title and table of contents configuration inside noinclude block |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
<noinclude> | |||
<div class="toclimit-3"> | <div class="toclimit-3"> | ||
__TOC__ | __TOC__ | ||
</div> | </div> | ||
{{DISPLAYTITLE:44Net Connect Quick Start: | {{DISPLAYTITLE:44Net Connect Quick Start: Debian-based distributions}} | ||
=== What you need === | === What you need === | ||
| Line 13: | Line 14: | ||
If you haven't set up your Portal account or verified your callsign yet, see [[GetStarted|44Net: Get Started]] for instructions. If you haven't obtained a WireGuard tunnel configuration file from 44Net Connect, get one using the [[44Net_Connect/Quick_Start|the 44Net Connect quick start guide]] | If you haven't set up your Portal account or verified your callsign yet, see [[GetStarted|44Net: Get Started]] for instructions. If you haven't obtained a WireGuard tunnel configuration file from 44Net Connect, get one using the [[44Net_Connect/Quick_Start|the 44Net Connect quick start guide]] | ||
</noinclude> | |||
== Install Dependencies == | == Install Dependencies == | ||
| Line 28: | Line 29: | ||
The third line, beginning with "Active," should indicate that the unit is active (running). | The third line, beginning with "Active," should indicate that the unit is active (running). | ||
If it's not, run <code>systemctl start systemd-resolved</code> to start the unit. This will ensure that the unit is currently running. | If it's not, run <code>systemctl start systemd-resolved</code> to start the unit. This will ensure that the unit is currently running. | ||
== Configure your WireGuard client == | |||
* Create a new file for your WireGuard configuration in <code>/etc/wireguard/</code>, for example <code>/etc/wireguard/wg0.conf</code>. | |||
* You can name this file however you want, but this file name will become the name of your WireGuard interface. | |||
* Paste the configuration text in from 44Net Connect, or if you prefer to use the file that was emailed to you, upload that one. | |||
[[File:wireguard_tunnel_config.png|500px]] | |||
The first time you create your tunnel, the private key will be present in the config for you to copy. Every subsequent time you view the config in the portal, the private key will not be shown. Saving a backup of the private key in a secure place is recommended. | |||
After creating your config file, set its permissions so that only the owner has read or write permissions. This can be done with the command <code>sudo chmod 600 /etc/wireguard/wg0.conf</code>. (Replace <code>wg0</code> with the name of your file.) | |||
== Activate and connect == | |||
=== Activate your tunnel === | |||
* Run the command <code>wg-quick up wg0</code> (replace <code>wg0</code> with the name of your configuration file if different). | |||
* If at this step WireGuard reports the error <code>Failed to activate service 'org.freedesktop.resolve1': timed out</code>, you may have forgotten to restart your computer after installing <code>systemd-resolved</code>. | |||
=== Confirm Connection in the Connect dashboard === | |||
* Your tunnel status should show as "Active" with a green indicator. | |||
[[File:wireguard_tunnel_connected.png|500px]] | |||
* The <code>Endpoint</code> field should show the IP address your device is connecting from, as well as the port it's using. This is not the 44Net IP from which your device is publicly accessible. | |||
=== Other Ways to Confirm Connection === | |||
* Visit https://connect.44net.cloud/myip in your browser, or query it from the command line using <code>curl https://connect.44net.cloud/myip</code> | |||
* Use <code>traceroute</code> to inspect the path between you and some other device, such as <code>traceroute 1.1.1.1</code>. When the tunnel is working, the first hop will be through a 44Net gateway, so its IP will be in the <code>44.0.0.0/9</code> or <code>44.128.0.0/10</code> subnet. | |||
== Starting the Tunnel Automatically == | |||
* On Linux distributions that use <code>systemd</code>, creating a <code>systemd</code> unit is the recommended way to automatically start the tunnel. | |||
* Create a unit file in <code>/etc/systemd/system/</code>, for example <code>/etc/systemd/system/44net-tunnel.service</code>. | |||
* Paste the following into the file. | |||
<nowiki> | |||
[Unit] | |||
Description=WireGuard single device 44Net Connect tunnel | |||
Requires=network-online.target | |||
[Service] | |||
Type=oneshot | |||
RemainAfterExit=true | |||
# Edit these lines if your config file is named differently. | |||
ExecStart=wg-quick up /etc/wireguard/wg0.conf | |||
ExecStop=wg-quick down /etc/wireguard/wg0.conf | |||
[Install] | |||
WantedBy=multi-user.target | |||
</nowiki> | |||
* If your config file is named something other than <code>wg0.conf</code>, edit the <code>ExecStart</code> and <code>ExecStop</code> lines so that they reflect the correct file name. | |||
* Enable and start the service by running <code>sudo systemctl enable --now 44net-tunnel.service</code>. If you named your unit file something else, use that name instead of <code>44net-tunnel.service</code>. | |||
* Verify that the service has started by running <code>systemctl status 44net-tunnel.service</code> and checking that it says enabled and active, the same way we previously checked that systemd-resolved was working. | |||
[[Category:Tutorial]] | |||
[[Category:How-To]] | |||
[[Category:Participation Methods]] | |||
[[Category:44Net Connect]] | |||
[[Category:Getting Started]] | |||
Latest revision as of 22:13, 3 June 2026
What you need
- A 44Net Portal account
- A verified amateur radio callsign
- A configuration file from 44Net Connect
- A machine running a Debian-based Linux distribution
- Some sort of Internet access
If you haven't set up your Portal account or verified your callsign yet, see 44Net: Get Started for instructions. If you haven't obtained a WireGuard tunnel configuration file from 44Net Connect, get one using the the 44Net Connect quick start guide
Install Dependencies
Step 1: Ensure your OS is up to date
Open a terminal and run sudo apt-get update, then sudo apt-get upgrade.
Step 2: Install wireguard and systemd-resolved
Run sudo apt-get install wireguard systemd-resolved, then restart your Raspberry Pi. Restarting is required for systemd-resolved to function.
Step 3: Verify that systemd-resolved is enabled
Run systemctl status systemd-resolved. If the unit is running without issues, there will be a green asterisk or circle at the top left. The second line, beginning with "Loaded," should indicate that the unit is enabled. If it's not, run systemctl enable systemd-resolved to enable the unit. This will ensure that the unit starts automatically when your Raspberry Pi boots from now on.
The third line, beginning with "Active," should indicate that the unit is active (running).
If it's not, run systemctl start systemd-resolved to start the unit. This will ensure that the unit is currently running.
Configure your WireGuard client
- Create a new file for your WireGuard configuration in
/etc/wireguard/, for example/etc/wireguard/wg0.conf. - You can name this file however you want, but this file name will become the name of your WireGuard interface.
- Paste the configuration text in from 44Net Connect, or if you prefer to use the file that was emailed to you, upload that one.
The first time you create your tunnel, the private key will be present in the config for you to copy. Every subsequent time you view the config in the portal, the private key will not be shown. Saving a backup of the private key in a secure place is recommended.
After creating your config file, set its permissions so that only the owner has read or write permissions. This can be done with the command sudo chmod 600 /etc/wireguard/wg0.conf. (Replace wg0 with the name of your file.)
Activate and connect
Activate your tunnel
- Run the command
wg-quick up wg0(replacewg0with the name of your configuration file if different). - If at this step WireGuard reports the error
Failed to activate service 'org.freedesktop.resolve1': timed out, you may have forgotten to restart your computer after installingsystemd-resolved.
Confirm Connection in the Connect dashboard
- Your tunnel status should show as "Active" with a green indicator.
- The
Endpointfield should show the IP address your device is connecting from, as well as the port it's using. This is not the 44Net IP from which your device is publicly accessible.
Other Ways to Confirm Connection
- Visit https://connect.44net.cloud/myip in your browser, or query it from the command line using
curl https://connect.44net.cloud/myip - Use
tracerouteto inspect the path between you and some other device, such astraceroute 1.1.1.1. When the tunnel is working, the first hop will be through a 44Net gateway, so its IP will be in the44.0.0.0/9or44.128.0.0/10subnet.
Starting the Tunnel Automatically
- On Linux distributions that use
systemd, creating asystemdunit is the recommended way to automatically start the tunnel. - Create a unit file in
/etc/systemd/system/, for example/etc/systemd/system/44net-tunnel.service. - Paste the following into the file.
[Unit] Description=WireGuard single device 44Net Connect tunnel Requires=network-online.target [Service] Type=oneshot RemainAfterExit=true # Edit these lines if your config file is named differently. ExecStart=wg-quick up /etc/wireguard/wg0.conf ExecStop=wg-quick down /etc/wireguard/wg0.conf [Install] WantedBy=multi-user.target
- If your config file is named something other than
wg0.conf, edit theExecStartandExecStoplines so that they reflect the correct file name. - Enable and start the service by running
sudo systemctl enable --now 44net-tunnel.service. If you named your unit file something else, use that name instead of44net-tunnel.service. - Verify that the service has started by running
systemctl status 44net-tunnel.serviceand checking that it says enabled and active, the same way we previously checked that systemd-resolved was working.