Last active
August 22, 2021 03:00
-
-
Save cnmoro/8bff77e1a8b58f03f6b7138118134e12 to your computer and use it in GitHub Desktop.
WireGuard Server+Client Configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SERVER-SIDE | |
| $ sudo apt install wireguard | |
| $ sudo -i | |
| $ cd /etc/wireguard/ | |
| $ umask 077; wg genkey | tee privatekey | wg pubkey > publickey | |
| $ cat privatekey | |
| ( Save the key ) | |
| $ cat publickey | |
| ( Save the key ) | |
| $ sudo nano /etc/wireguard/wg0.conf | |
| [Interface] | |
| ## VPN server private IP ## | |
| Address = 192.168.6.1/24 | |
| ## My VPN server port ## | |
| ListenPort = 41194 | |
| ## VPN server private key /etc/wireguard/privatekey ## | |
| PrivateKey = (SERVER KEY) | |
| $ sudo ufw allow 41194/udp | |
| $ sudo ufw status | |
| $ sudo systemctl enable wg-quick@wg0 | |
| $ sudo systemctl start wg-quick@wg0 | |
| $ sudo wg | |
| $ sudo ip a show wg0 | |
| # Allows peers to see each other | |
| $ sysctl -w net.ipv4.ip_forward=1; iptables -I FORWARD -i wg0 -o wg0 -j ACCEPT | |
| -------------------------------------------------------- | |
| CLIENT-SIDE | |
| $ sudo apt install wireguard | |
| $ sudo sh -c 'umask 077; touch /etc/wireguard/wg0.conf' | |
| $ sudo -i | |
| $ cd /etc/wireguard/ | |
| $ umask 077; wg genkey | tee privatekey | wg pubkey > publickey | |
| $ cat privatekey | |
| ( Save the key ) | |
| $ cat publickey | |
| ( Save the key ) | |
| $ sudo nano /etc/wireguard/wg0.conf | |
| [Interface] | |
| ## This Client's private key ## | |
| PrivateKey = (CLIENT KEY) | |
| ## Client ip address - Change the '.2' ## | |
| Address = 192.168.6.2/24 | |
| [Peer] | |
| ## Ubuntu 20.04 server public key ## | |
| PublicKey = (SERVER PUBLIC KEY) | |
| ## set ACL ## | |
| AllowedIPs = 192.168.6.0/24 | |
| ## Your Server's public IPv4/IPv6 address and port ## | |
| Endpoint = (SERVER GLOBAL IP):41194 | |
| ## Key connection alive ## | |
| PersistentKeepalive = 15 | |
| $ sudo systemctl enable wg-quick@wg0 | |
| $ sudo systemctl start wg-quick@wg0 | |
| $ sudo systemctl status wg-quick@wg0 | |
| -------------------------------------------------------- | |
| SERVER UPDATE TO ACCEPT NEW CLIENT | |
| $ sudo systemctl stop wg-quick@wg0 | |
| $ sudo nano /etc/wireguard/wg0.conf | |
| [Peer] | |
| ## Client VPN public key ## | |
| PublicKey = (CLIENT PUBLIC KEY) | |
| ## client VPN IP address (note the /32 subnet) - Change the '.2' ## | |
| AllowedIPs = 192.168.6.2/32 | |
| $ sudo systemctl start wg-quick@wg0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment