notes:setup-wireguard-vpn-on-debian9
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
notes:setup-wireguard-vpn-on-debian9 [2018/09/06 12:07] – admin | notes:setup-wireguard-vpn-on-debian9 [2019/02/02 21:48] (current) – admin | ||
---|---|---|---|
Line 3: | Line 3: | ||
-- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// -- | -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// -- | ||
+ | ===== Server Setup ====== | ||
- | ==== Server | + | ==== Install WireGuard on the Server ==== |
- | + | ||
- | === Install WireGuard | + | |
Install WireGuard from Debian packages | Install WireGuard from Debian packages | ||
Line 18: | Line 17: | ||
sudo modprobe wireguard | sudo modprobe wireguard | ||
- | === Generate Server Keys === | + | ==== Generate Server Keys ==== |
Generate server private key with | Generate server private key with | ||
Line 28: | Line 27: | ||
and note down the generated public key (in our example will be '' | and note down the generated public key (in our example will be '' | ||
- | === Generate User Keys === | + | ==== Generate User Keys ==== |
Generate user private key (one per user!) with | Generate user private key (one per user!) with | ||
Line 39: | Line 38: | ||
and note down the generated public key (in our example will be '' | and note down the generated public key (in our example will be '' | ||
- | === Configure the Server === | + | ==== Configure the Server |
Check the name of the network interface with | Check the name of the network interface with | ||
Line 69: | Line 68: | ||
You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server' | You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server' | ||
- | === Start the server === | + | ==== Start the server |
Start Wireguard on the server with | Start Wireguard on the server with | ||
Line 79: | Line 78: | ||
sudo wg-quick down wg0s | sudo wg-quick down wg0s | ||
- | === Configure the Client === | + | ===== Client Setup ====== |
+ | |||
+ | ==== Install WireGuard on the Client ==== | ||
+ | |||
+ | Install wireguard on your Ubuntu client with | ||
+ | sudo add-apt-repository ppa: | ||
+ | sudo apt-get update | ||
+ | sudo apt-get install wireguard | ||
+ | |||
+ | ==== Configure the Client | ||
Now, create a file for the wireguard interface ('' | Now, create a file for the wireguard interface ('' | ||
Line 86: | Line 94: | ||
[Interface] | [Interface] | ||
- | Address = 172.16.16.3/24 | + | Address = 172.16.16.2/24 |
SaveConfig = true | SaveConfig = true | ||
ListenPort = 47824 | ListenPort = 47824 | ||
Line 98: | Line 106: | ||
PersistentKeepalive = 10 | PersistentKeepalive = 10 | ||
- | === Start the client === | + | ==== Start the client |
Start Wireguard on with | Start Wireguard on with | ||
Line 108: | Line 116: | ||
sudo wg-quick down wg0c | sudo wg-quick down wg0c | ||
- | === Throubleshooting === | + | ===== Throubleshooting |
- Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel) | - Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel) | ||
- If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above) | - If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above) | ||
- | + | - If you are behind the Great Firewall, probably it will not work |
notes/setup-wireguard-vpn-on-debian9.1536235633.txt.gz · Last modified: 2018/09/06 12:07 by admin