@jaonoctus
Created December 1, 2024 07:00
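# Client side (peer Y, tunnel address 10.0.0.2); YPRIV, XPUB and XPUBLICIP are placeholders
[Interface]
PrivateKey = YPRIV
Address = 10.0.0.2/24
# DNS = 1.1.1.1
[Peer]
PublicKey = XPUB
# Only traffic for the tunnel subnet is routed through the server
AllowedIPs = 10.0.0.0/24
Endpoint = XPUBLICIP:51820
PersistentKeepalive = 25

# Server side (peer X, tunnel address 10.0.0.1), listening on UDP 51820
[Interface]
Address = 10.0.0.1/24
# wg-quick writes the running state back to this file on shutdown
SaveConfig = true
ListenPort = 51820
PrivateKey = XPRIV
[Peer]
PublicKey = YPUB
# The client may only send from its own tunnel address
AllowedIPs = 10.0.0.2/32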

jaonoctus commented Dec 1, 2024

install dependencies

apt install wireguard openresolv

generate keypair

# umask 077 keeps the key files readable by their owner only
(umask 077; wg genkey | tee wg0-private.key | wg pubkey | tee wg0-public.key)

enable port forwarding

echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

forward service

sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j DNAT --to-destination 10.0.0.2:80
sudo iptables -t nat -A POSTROUTING -o wg0 -p tcp -d 10.0.0.2 --dport 80 -j MASQUERADE
sudo iptables -t nat -A OUTPUT -p tcp -d 10.11.12.22 --dport 8080 -j DNAT --to-destination 10.0.0.2:80

start

wg-quick up wg0

add peer

wg set wg0 peer YPUBKEY allowed-ips 10.0.0.2/32

test port

nc -zv 10.0.0.2 3333

autostart

sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0
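
An added example, not part of the gist or the author's comment: a small audit for a wg-quick config like the two above. It checks that the file holding `PrivateKey` is not readable by group or others, and that on the listening side each peer's `AllowedIPs` is a host route. The function name `check_wg_conf` and the rule "a config with `ListenPort` is the listening side" are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example (not from the gist): audit a wg-quick config file.
# Prints one line per finding; returns 0 when clean, 1 otherwise.
check_wg_conf() {
    local conf="$1" mode wide rc=0
    # The file embeds PrivateKey, so only its owner may have any access.
    mode=$(stat -c '%a' "$conf" 2>/dev/null || stat -f '%Lp' "$conf")
    case $mode in
        ?00) ;;
        *) echo "PERMS $conf is mode $mode, want 600"; rc=1 ;;
    esac
    # On the listening side, AllowedIPs is the set of source addresses a peer
    # may send from inside the tunnel; anything wider than a host route lets
    # that peer use its neighbours' addresses.
    # Assumption: a config that sets ListenPort is the listening side.
    wide=$(awk -F'[ \t=,]+' '
        { sub(/^[ \t]+/, "") }
        /^\[Interface\]/ { sec = "i" }
        /^\[Peer\]/      { sec = "p" }
        sec == "i" && $1 == "ListenPort" { hub = 1 }
        sec == "p" && $1 == "AllowedIPs" {
            for (i = 2; i <= NF; i++)
                if ($i ~ /\// && $i !~ /\/(32|128)$/) out = out " " $i
        }
        END { if (hub) printf "%s", out }' "$conf")
    if [ -n "$wide" ]; then
        echo "ALLOWEDIPS $conf lets a peer source from:$wide"; rc=1
    fi
    return $rc
}

# Constructed sample: the gist's server-side config with its placeholder keys.
demo=$(mktemp)
cat > "$demo" <<'EOF'
[Interface]
Address = 10.0.0.1/24
SaveConfig = true
ListenPort = 51820
PrivateKey = XPRIV
[Peer]
PublicKey = YPUB
AllowedIPs = 10.0.0.2/32
EOF
chmod 644 "$demo"; check_wg_conf "$demo" || true   # reports PERMS
chmod 600 "$demo"; check_wg_conf "$demo" && echo "clean"
rm -f "$demo"
```
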
