xarinatan/Wireguard howto.md

Last active August 14, 2018 21:33

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/xarinatan/f22ec9475987bb4669a79c3a1c35f0ea.js"></script>
Save xarinatan/f22ec9475987bb4669a79c3a1c35f0ea to your computer and use it in GitHub Desktop.

Download ZIP

Quick howto and some useful links for setting up Wireguard VPN

Raw

Wireguard howto.md

Install wireguard if required.
wg genkey | tee wgprivatekey | wg pubkey > wgpublickey
note your private key is along with the public key in the folder you just executed the above commands in.
grab the generated privatekey and put it at the logical place with the rest of this config in /etc/wireguard/someinterface.conf

[Interface]
PrivateKey = PRIVKEYHERE
ListenPort = SOMEPORT
Address = LOCALVPNADDRESS/SUBNET
[Peer]
PublicKey = REMOTEPUBKEYHERE
Endpoint = REMOTEINTERNETIPHERE (clients only) 
AllowedIPs = LOCALVPNIP/SUBNET

Do the same on the client
Bring the VPN up by doing wg-quick up someinterface
Give yourself a pat on the shoulder (either shoulder works for this purpose)

Notes

LOCALVPNADDRESS is the IP address the machine will have inside the VPN, not on the internet. That's what the Endpoint parameter is for.
you only need to have an Endpoint on one of the two machines, after a connection is established they'll automatically roam to new IPs without configuration.
to get the public key you have to echo the private key into wg pubkey. The command will otherwise appear to hang.

Useful links

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment