wireguard how to

lufy
February 16, 2022

1. install wireguard


dnf install epel-release elrepo-release
dnf install wireguard-tools kmod-wireguard

generate key pair


wg genkey | sudo tee privatekey | wg pubkey | sudo tee /etc/wireguard/publickey


edit /etc/wireguard/tun0.conf


[Interface]
PrivateKey = Paste-Server-Private-Key
Address = 10.5.0.1/24
ListenPort = 51820
SaveConfig = true

enable forwarding
sysctl -w net.ipv4.ip_forward=1
sysctl -p

enable service


systemctl enable wg-quick@tun0
systemctl start wg-quick@tun0


At client


dnf install epel-release elrepo-release
dnf install wireguard-tools kmod-wireguard
wg genkey | sudo tee privatekey | wg pubkey | sudo tee /etc/wireguard/publickey

edit /etc/wireguard/tun0.conf



[Interface]



PrivateKey = CLIENT-PRIVATE-KEY



Client address on the WireGuard network




Address = 10.5.0.2/24



[Peer]



PublicKey = SERVER-PUBLIC-KEY



IP Address of the server on the WireGuard network 


AllowedIPs = 10.5.0.1/24



#Vultr Server Public IP and Port

Endpoint = Server-IP:51820
PersistentKeepalive = 25


Start service


systemctl start wg-quick@tun0

Add client to server


wg set tun0 peer <client public key> allowed-ips 10.5.0.2

Done.


After all, here is how to remove a peer


wg set wg0 peer <client public key> remove



Back to Posts

Comments (0)

Leave a Comment
Maximum 1000 characters

No comments yet. Be the first to comment!

Previous Post Nginx settings
Next Post Centos8 mirror list eol