WireGuard
Easy to setup VPN
Install
Linux
This install may replace the kernel, if so, reboot afterward.
apt update apt full-upgrade apt install wireguard wireguard-tools nftables iproute2
Setup
Configure VPN
Host 1 and Host 2
ip link add dev wg0 type wireguard
Host 1
ip address add dev wg0 192.168.44.10 peer 192.168.44.11
Host 2
ip address add dev wg0 192.168.44.11 peer 192.168.44.10
Host 1 and Host 2
cd /etc/wireguard wg genkey | tee private-key | wg pubkey > public-key touch wg0.conf chmod 600 * ls -1 private-key public-key wg0.conf
/etc/wireguard/wg.conf
[Interface] PrivateKey = PRIVATE-KEY Address = 10.44.0.1/24 ListenPort = 1234 [Peer] PublicKey = PUBLIC-KEY AllowedIPs = 10.44.0.2/32 Endpoint x.x.x.x:1234
Create VPN
Host 1 and Host 2
wg setconf wg0 /etc/wireguard/wg0.conf ip link set up dev wg0
Host 1
ping -c 1 192.168.44.11 PING 192.168.44.11 (192.168.44.11) 56(84) bytes of data. 64 bytes from 192.168.44.11: icmp_seq=1 ttl=64 time=30.4 ms --- 192.168.44.11 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 30.409/30.409/30.409/0.000 ms
Host 2
ping -c 1 192.168.44.10 PING 192.168.44.10 (192.168.44.10) 56(84) bytes of data. 64 bytes from 192.168.44.10: icmp_seq=1 ttl=64 time=30.4 ms --- 192.168.44.10 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 30.359/30.359/30.359/0.000 ms
Destroy VPN
Host 1 and Host 2
ip link delete dev wg0
See also
wg-quick
Enable the service to start at every boot
sudo systemctl enable wg-quick@wg0
Start it now
systemctl start wg-quick@wg0
