Skip to content

Instantly share code, notes, and snippets.

@flotwig
Last active November 21, 2021 11:01
Show Gist options
  • Save flotwig/5d50cdcb8d1a3548ab3fc607e14f128d to your computer and use it in GitHub Desktop.
Save flotwig/5d50cdcb8d1a3548ab3fc607e14f128d to your computer and use it in GitHub Desktop.
WireGuard configuration
[Interface]
# Configuration for the server
# Set the IP subnet that will be used for the WireGuard network.
# 10.222.0.1 - 10.222.0.255 is a memorable preset that is unlikely to conflict.
Address = 10.222.0.1/24
# The port that will be used to listen to connections. 51820 is the default.
ListenPort = 51820
# The output of `wg genkey` for the server.
PrivateKey = server-private-key-here
[Peer]
# Configuration for the server's client
# The output of `echo "client private key" | wg pubkey`.
PublicKey = client-public-key-here
# The IP address that this client is allowed to use.
AllowedIPs = 10.222.0.2/32
# Ensures that your home router does not kill the tunnel, by sending a ping
# every 25 seconds.
PersistentKeepalive = 25
[Interface]
# Configuration for the client
# The IP address that this client will have on the WireGuard network.
Address = 10.222.0.2/32
# The private key you generated for the client previously.
PrivateKey = your-client-private-key
[Peer]
# Configuration for the server to connect to
# The public key you generated for the server previously.
PublicKey = your-server-public-key
# The WireGuard server to connect to.
Endpoint = your-server-domain-name-or-IP-address:51820
# The subnet this WireGuard VPN is in control of.
AllowedIPs = 10.222.0.0/16
# Ensures that your home router does not kill the tunnel, by sending a ping
# every 25 seconds.
PersistentKeepalive = 25
@reduxionist
Copy link

Hi,

There's a typo on line 20 that sets a host address instead of a network for the subnet:
AllowedIPs should be 10.222.0.0/24, not 10.222.0.1/24 - wireguard issues a warning about the non-.0 network address when you start the vpn with the current config...

Thanks for sharing your code!

@flotwig
Copy link
Author

flotwig commented Jan 14, 2021

@reduxionist thx for the feedback, I've updated the example. I realized with what I had previously, I was unable to reach other hosts on the same VPN

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment