notes:setup-wireguard-vpn-on-debian9
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
notes:setup-wireguard-vpn-on-debian9 [2018/09/06 12:01] – admin | notes:setup-wireguard-vpn-on-debian9 [2019/02/02 21:47] – [Client Setup] admin | ||
---|---|---|---|
Line 2: | Line 2: | ||
-- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// -- | -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// -- | ||
- | |||
==== Server Setup ===== | ==== Server Setup ===== | ||
- | === Install WireGuard === | + | === Install WireGuard |
Install WireGuard from Debian packages | Install WireGuard from Debian packages | ||
Line 52: | Line 51: | ||
ip a show dev ens32 | ip a show dev ens32 | ||
- | Now, create a file for the wireguard interface ('' | + | Now, create a file for the wireguard interface ('' |
- | sudo vim / | + | sudo vim / |
and add the following content (replace the sample keys with your actually generated keys and ens32 with your server' | and add the following content (replace the sample keys with your actually generated keys and ens32 with your server' | ||
Line 69: | Line 68: | ||
You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server' | You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server' | ||
+ | === Start the server === | ||
+ | |||
+ | Start Wireguard on the server with | ||
+ | sudo wg-quick up wg0s | ||
+ | and check if the VPN tunnel is up and running with | ||
+ | wg show | ||
+ | |||
+ | If needed, you can kill the tunnel with | ||
+ | sudo wg-quick down wg0s | ||
+ | |||
+ | ==== Client Setup ===== | ||
+ | |||
+ | === Install WireGuard on the Client === | ||
+ | |||
+ | Install wireguard on your Ubuntu client with | ||
+ | sudo add-apt-repository ppa: | ||
+ | sudo apt-get update | ||
+ | sudo apt-get install wireguard | ||
=== Configure the Client === | === Configure the Client === | ||
- | Now, create a file for the wireguard interface ('' | + | Now, create a file for the wireguard interface ('' |
- | sudo vim / | + | sudo vim / |
and add the following content (remember replace the IP address of the Endpoint with server public address and the keys). | and add the following content (remember replace the IP address of the Endpoint with server public address and the keys). | ||
[Interface] | [Interface] | ||
- | Address = 172.16.16.3/24 | + | Address = 172.16.16.2/24 |
SaveConfig = true | SaveConfig = true | ||
ListenPort = 47824 | ListenPort = 47824 | ||
Line 89: | Line 106: | ||
PersistentKeepalive = 10 | PersistentKeepalive = 10 | ||
+ | === Start the client === | ||
+ | Start Wireguard on with | ||
+ | sudo wg-quick up wg0c | ||
+ | and check if the VPN tunnel is up and running with | ||
+ | wg show | ||
+ | If needed, you can kill the tunnel with | ||
+ | sudo wg-quick down wg0c | ||
+ | === Throubleshooting === | ||
+ | - Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel) | ||
+ | - If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above) | ||
+ | - If you are behind the Great Firewall, probably it will not work |
notes/setup-wireguard-vpn-on-debian9.txt · Last modified: 2019/02/02 21:48 by admin