Setup
Server setup
...
Client setup
- Download & install Wireguard
- Debian/Ubuntu:
sudo apt install -y wireguard wireguard-tools - Fedora:
sudo dnf install -y wireguard wireguard-tools
- Debian/Ubuntu:
- Create
/etc/wireguard/wg0.confYou can use any filename i.e.
my-connection-name.conf, wg0.conf` is just the default.Example
wg0.conf:[Interface] PrivateKey = YOUR_PRIVATE_KEY Address = 10.0.0.2/24 DNS = 1.1.1.1 [Peer] PublicKey = SERVER_PUBLIC_KEY Endpoint = your.server.ip:51820 ## 0.0.0.0/0 for all IPs, or limit with # AllowedIPs = 10.xxx.xxx.xxx/32 192.168.1.0/24 AllowedIPs = 0.0.0.0/0 PersistentKeepalive = 25Secure the config with
sudo chmod 600 /etc/wireguard/wg0.conf
- Bring up the interface with
sudo wg-quick up wg0- If you named the file something other than
wg0.conf, use the name of the file without.conf- i.e.
/etc/wireguard/my-connection-name.conf->sudo wg-quick up my-connection-name
- i.e.
- Bring the connection down with
sudo wg-quick down wg0
- If you named the file something other than
- You can also control the connection with
sudo systemctl [start|stop|enable|disable] wg-quick@wg0- If you used a different filename, use
wg-quick@my-connnection-name
- If you used a different filename, use
- Ensure port forwarding is enabled:
echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf
Last updated on