Linux Consulting & Training

User Tools

Site Tools

Trace:
notes:setup-wireguard-vpn-on-debian9

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
notes:setup-wireguard-vpn-on-debian9 [2018/09/06 12:01] adminnotes:setup-wireguard-vpn-on-debian9 [2019/02/02 21:47] – [Client Setup] admin
Line 2: Line 2:
  
 -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// -- -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// --
- 
  
 ==== Server Setup ===== ==== Server Setup =====
  
-=== Install WireGuard ===+=== Install WireGuard on the Server ===
  
 Install WireGuard from Debian packages Install WireGuard from Debian packages
Line 52: Line 51:
   ip a show dev ens32   ip a show dev ens32
  
-Now, create a file for the wireguard interface (''wg0'' in our example) with +Now, create a file for the wireguard interface (''wg0s'' in our example) with 
-  sudo vim /etc/wireguard/wg0.conf+  sudo vim /etc/wireguard/wg0s.conf
 and add the following content (replace the sample keys with your actually generated keys and ens32 with your server's public interface): and add the following content (replace the sample keys with your actually generated keys and ens32 with your server's public interface):
  
Line 69: Line 68:
 You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server's firewall). You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server's firewall).
  
 +=== Start the server ===
 +
 +Start Wireguard on the server with
 +  sudo wg-quick up wg0s
 +and check if the VPN tunnel is up and running with
 +  wg show
 +
 +If needed, you can kill the tunnel with
 +  sudo wg-quick down wg0s
 +
 +==== Client Setup =====
 +
 +=== Install WireGuard on the Client ===
 +
 +Install wireguard on your Ubuntu client with
 +  sudo add-apt-repository ppa:wireguard/wireguard
 +  sudo apt-get update
 +  sudo apt-get install wireguard
  
 === Configure the Client === === Configure the Client ===
  
-Now, create a file for the wireguard interface (''wg0'' in our example) on your client +Now, create a file for the wireguard interface (''wg0c'' in our example) on your Ubuntu client 
-  sudo vim /etc/wireguard/wg0.conf+  sudo vim /etc/wireguard/wg0c.conf
 and add the following content (remember replace the IP address of the Endpoint with server public address and the keys). and add the following content (remember replace the IP address of the Endpoint with server public address and the keys).
  
   [Interface]   [Interface]
-  Address = 172.16.16.3/24+  Address = 172.16.16.2/24
   SaveConfig = true   SaveConfig = true
   ListenPort = 47824   ListenPort = 47824
Line 89: Line 106:
   PersistentKeepalive = 10   PersistentKeepalive = 10
  
 +=== Start the client ===
  
 +Start Wireguard on with
 +  sudo wg-quick up wg0c
 +and check if the VPN tunnel is up and running with
 +  wg show
  
 +If needed, you can kill the tunnel with
 +  sudo wg-quick down wg0c
  
 +=== Throubleshooting ===
  
 +  - Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel) 
 +  - If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above) 
 +  - If you are behind the Great Firewall, probably it will not work
notes/setup-wireguard-vpn-on-debian9.txt · Last modified: 2019/02/02 21:48 by admin