Quick Start
Server:
1 2 3 4 5 6 7 8 9
| sudo apt update sudo apt install wireguard
wg genkey | sudo tee /etc/wireguard/private.key sudo chmod go= /etc/wireguard/private.key
sudo cat /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key
sudo vim /etc/wireguard/wg0.conf
|
1 2 3 4 5 6
| [Interface] PrivateKey = base64_encoded_private_key_goes_here Address = 10.0.0.1/24 ListenPort = 51820 SaveConfig = true
|
1 2 3
| wg-quick up wg0 systemctl enable wg-quick@wg0 systemctl status wg-quick@wg0
|
Peer client:
- Same steps but different conf file
1 2 3 4 5 6 7 8 9 10
| [Interface] PrivateKey = base64_encoded_peer_private_key_goes_here Address = 10.0.0.2/24 PostUp = ping -c1 10.0.0.1
[Peer] PublicKey = base64_encoded_server_public_key AllowedIPs = 10.0.0.0/24 Endpoint = 192.168.248.129:51820
|
Finally, add peer to server config
1
| sudo wg set wg0 peer <peer_public_key> allowed-ips 10.0.0.2
|
alternatively, put the following in the server config
1 2 3 4 5
| ...
[Peer] PublicKey = <peer_public_key> AllowedIPs = 10.0.0.2/24
|
To stop:
1 2
| sudo systemctl disable wg-quick@wg0 sudo wg-quick down wg0
|