bluewalk/GetNordVPNWireGuardDetails.md

Last active February 19, 2025 07:03

Star (239) You must be signed in to star a gist
Fork (37) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/bluewalk/7b3db071c488c82c604baf76a42eaad3.js"></script>
Save bluewalk/7b3db071c488c82c604baf76a42eaad3 to your computer and use it in GitHub Desktop.

Download ZIP

Getting NordVPN WireGuard details

Raw

GetNordVPNWireGuardDetails.md

About

Instructions to obtain WireGuard details of your NordVPN account. These can be used to setup a WireGuard tunnel on your router to NordVPN.

Source: https://forum.gl-inet.com/t/configure-wireguard-client-to-connect-to-nordvpn-servers/10422/27

Prerequisites

If you have any linux machine, use that or install a vm if you don't have one.

Get their official linux app installed. Make sure you have wireguard installed too. And set the used technology to Nordlynx by running nordvpn set technology nordlynx

Fetching details

Connect to nordvpn with command: nordvpn connect (don't forget to login with nordvpn login --legacy).

Fetch (your) IP address

After successful connection run

ifconfig nordlynx

Fetch your private key

Run

sudo wg show nordlynx private-key

Output of this command should be something like this:

CKMAE9LARlt2eZHgGnNaSUYiKllKJN7f3hed/bWm5E8=

The key above is just a random key for demo purposes.

Fetch your public key

Run

sudo wg show nordlynx public-key

Output of this command should be something like this:

TO158iXbNXt2eZHgGnNaSUYiKZHgGN7f3hed/bWm5E8=

The key above is just a random key for demo purposes.

Fetch server details

Make sure you have curl and jq installed on your host/router. These are needed to be able to fetch the config of NordVPN Server. If not installed, go ahead and install

opkg install curl jq

After installation enter the command below to fetch the recommended server config:

Output:

uk1818.nordvpn.com #your endpoint host
178.239.166.185 #its ip address
London #city
United Kingdom #country
K53l2wOIHU3262sX5N/5kAvCvt4r55lNui30EbvaDlE= #Server public key
10 #Server load at the time.

Or just visit the following url https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1 from your browser and look for the details manually.

rrbb86 commented Oct 28, 2024

Another way of getting the NordVPN server details you want (steps after installation of curl and jq):

Use the NordVPN site ([https://nordvpn.com/servers/tools/]) to get the hostname of a server you desire. Feel free to use the server preferences on the right and/or advanced options

Copy the hostname of the desired server (this will be in the format of e.g. "us8261.nordvpn.com")

In the terminal type in the following, replace the ##HOSTNAME## with the above hostname:
curl --silent "https://api.nordvpn.com/v1/servers?limit=16384" | jq --raw-output '.[] | select(.hostname == "##HOSTNAME##") | "\nServer: \(.name)\nHostname: \(.hostname)\nIP Address: \(.station)\nLocation: \(.locations.[].country.name) - \(.locations.[].country.city.name)\nType: \(.technologies.[].name)\nPubKey: \(.technologies.[].metadata.[].value)\nLoad: \(.load)\nStatus: \(.status)\n"'

Wait for a moment and the terminal will print out the required details for your desired host, e.g.:
Server: United States #8261
Hostname: us8261.nordvpn.com
IP Address: 212.102.47.74
Location: United States - Seattle
Type: Wireguard
Public Key: 1GaNB9RbeGNzekcuRDcxTXvqtXWFe2K9GtUd+EjNuyI=
Load: 21
Status: online

Hello, what could be wrong if I got "jq: 1 compile error" ?

2-click commented Nov 8, 2024

For my people under windows that don't have curl and jq, I have converted it to powershell:
https://gist.github.com/2-click/d3267354648bd6175db78ef171472e1d

cangesc commented Jan 5, 2025

alternative way without downloading their software (needs curl and jq):

go to https://my.nordaccount.com/dashboard/nordvpn/manual-configuration/ and create an access token
get your private key

curl -s -u token:<ACCESS_TOKEN> https://api.nordvpn.com/v1/users/services/credentials | jq -r .nordlynx_private_key

get server info

curl -s "https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1" | jq -r '.[]|.hostname, .station, (.locations|.[]|.country|.city.name), (.locations|.[]|.country|.name), (.technologies|.[].metadata|.[].value), .load'

create config:

[Interface]
PrivateKey = <PRIVATE_KEY> # from step 2
Address = 10.5.0.2/32 # this IP is always the same
DNS = 9.9.9.9 # your favorite DNS server

[Peer]
PublicKey = <PUBLIC_KEY> # from step 3
AllowedIPs = 0.0.0.0/0, ::/0 # route everything
Endpoint = <ENDPOINT>:51820 # endpoint or IP from step 3, the port is always the same

this worked Perfectly!!!! Thank you so very much!

anapapag commented Jan 31, 2025 •

edited

Loading

Hi, did anyone configured the Wireguard VPN with Fritzbox or has any hint on what could make it go wrong?? I have a 7590 and I can't make it work. I always get:

Unfortunately, it was not possible to apply your settings.
Imported configuration file of WireGuard remote site was defective.
Click on "Close" to go to the WireGuard® overview and set up the WireGuard® connection again.

My .conf looks like (thanks @dvcrn):

[Interface]
PrivateKey=I_am_not_showing_it= (got this after I got a token from nordvpn and used: https://nord-configs.onrender.com/ )
Address=10.5.0.2/32
DNS=8.8.8.8

[Peer]
PublicKey=5p4RkybdRU5uaDi90eu4KZPTFif0lKCg4Qp6t1c4F30=
AllowedIPs=0.0.0.0/0,::/0
Endpoint=nl757.nordvpn.com:51820

I can't understand what it does not like. The event viewer (not the greatest log) shows that a VPN was configured succesfully.
@DarkGamer7798 how did you make it work? I am following your steps to the letter, with no success. Also with whatever deviation I could think of, I still have no success and nothing tells me what is wrong or what it does not like.
Any hint would be appreciated.