Skip to content

Instantly share code, notes, and snippets.

@wulab

wulab/wireguard.md

Last active April 27, 2020 18:43
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save wulab/21f7a1db4de2afb3f596433e7a7a7465 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save wulab/21f7a1db4de2afb3f596433e7a7a7465 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
wireguard.md

How to install WireGuard

Server

Ubuntu 18.04.4 LTS

$ sudo add-apt-repository ppa:wireguard/wireguard
$ sudo apt update
$ sudo apt install wireguard
$ wg genkey | tee privatekey | wg pubkey > publickey

$ sudo vi /etc/sysctl.conf
# Uncomment the next line to enable packet forwarding for IPv4
net.ipv4.ip_forward=1

$ sudo vi /etc/wireguard/wg0.conf
[Interface]
Address = 10.0.0.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o <interface_name> -j MASQUERADE;
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o <interface_name> -j MASQUERADE;
ListenPort = 51820
PrivateKey = <server_privatekey>

[Peer]
PublicKey = <client_publickey>
AllowedIPs = 10.0.0.0/24

$ sudo systemctl start wg-quick@wg0
$ sudo wg

Client

macOS Catalina

WireGuard > Manage Tunnels > Add Empty Tunnel...
[Interface]
PrivateKey = <client_privatekey>
Address = 10.0.0.10/24
DNS = <gateway_ip_address>

[Peer]
PublicKey = <server_publickey>
AllowedIPs = 0.0.0.0/0
Endpoint = <server_fqdn>:51820
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment