Skip to content

Instantly share code, notes, and snippets.

@cnmoro
Last active August 22, 2021 03:00
Show Gist options
  • Save cnmoro/8bff77e1a8b58f03f6b7138118134e12 to your computer and use it in GitHub Desktop.
Save cnmoro/8bff77e1a8b58f03f6b7138118134e12 to your computer and use it in GitHub Desktop.
WireGuard Server+Client Configuration
SERVER-SIDE
$ sudo apt install wireguard
$ sudo -i
$ cd /etc/wireguard/
$ umask 077; wg genkey | tee privatekey | wg pubkey > publickey
$ cat privatekey
( Save the key )
$ cat publickey
( Save the key )
$ sudo nano /etc/wireguard/wg0.conf
[Interface]
## VPN server private IP ##
Address = 192.168.6.1/24
## My VPN server port ##
ListenPort = 41194
## VPN server private key /etc/wireguard/privatekey ##
PrivateKey = (SERVER KEY)
$ sudo ufw allow 41194/udp
$ sudo ufw status
$ sudo systemctl enable wg-quick@wg0
$ sudo systemctl start wg-quick@wg0
$ sudo wg
$ sudo ip a show wg0
# Allows peers to see each other
$ sysctl -w net.ipv4.ip_forward=1; iptables -I FORWARD -i wg0 -o wg0 -j ACCEPT
--------------------------------------------------------
CLIENT-SIDE
$ sudo apt install wireguard
$ sudo sh -c 'umask 077; touch /etc/wireguard/wg0.conf'
$ sudo -i
$ cd /etc/wireguard/
$ umask 077; wg genkey | tee privatekey | wg pubkey > publickey
$ cat privatekey
( Save the key )
$ cat publickey
( Save the key )
$ sudo nano /etc/wireguard/wg0.conf
[Interface]
## This Client's private key ##
PrivateKey = (CLIENT KEY)
## Client ip address - Change the '.2' ##
Address = 192.168.6.2/24
[Peer]
## Ubuntu 20.04 server public key ##
PublicKey = (SERVER PUBLIC KEY)
## set ACL ##
AllowedIPs = 192.168.6.0/24
## Your Server's public IPv4/IPv6 address and port ##
Endpoint = (SERVER GLOBAL IP):41194
## Key connection alive ##
PersistentKeepalive = 15
$ sudo systemctl enable wg-quick@wg0
$ sudo systemctl start wg-quick@wg0
$ sudo systemctl status wg-quick@wg0
--------------------------------------------------------
SERVER UPDATE TO ACCEPT NEW CLIENT
$ sudo systemctl stop wg-quick@wg0
$ sudo nano /etc/wireguard/wg0.conf
[Peer]
## Client VPN public key ##
PublicKey = (CLIENT PUBLIC KEY)
## client VPN IP address (note the /32 subnet) - Change the '.2' ##
AllowedIPs = 192.168.6.2/32
$ sudo systemctl start wg-quick@wg0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment