User Tools

Site Tools


notes:setup-wireguard-vpn-on-debian9

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
notes:setup-wireguard-vpn-on-debian9 [2019/02/02 21:47]
admin [Client Setup]
notes:setup-wireguard-vpn-on-debian9 [2019/02/02 21:48] (current)
admin
Line 3: Line 3:
 -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// -- -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// --
  
-==== Server Setup =====+===== Server Setup ======
  
-=== Install WireGuard on the Server ===+==== Install WireGuard on the Server ​====
  
 Install WireGuard from Debian packages Install WireGuard from Debian packages
Line 17: Line 17:
   sudo modprobe wireguard   sudo modprobe wireguard
  
-=== Generate Server Keys ===+==== Generate Server Keys ====
  
 Generate server private key with Generate server private key with
Line 27: Line 27:
 and note down the generated public key (in our example will be ''​SeRvErPUBLICkEySeRvErPUBLICkEySeRvErPUBLICk=''​). and note down the generated public key (in our example will be ''​SeRvErPUBLICkEySeRvErPUBLICkEySeRvErPUBLICk=''​).
  
-=== Generate User Keys ===+==== Generate User Keys ====
  
 Generate user private key (one per user!) with Generate user private key (one per user!) with
Line 38: Line 38:
 and note down the generated public key (in our example will be ''​UsEr1PUBLICkEyUsEr1PUBLICkEyUsEr1PUBLICkey=''​). and note down the generated public key (in our example will be ''​UsEr1PUBLICkEyUsEr1PUBLICkEyUsEr1PUBLICkey=''​).
  
-=== Configure the Server ===+==== Configure the Server ​====
  
 Check the name of the network interface with Check the name of the network interface with
Line 68: Line 68:
 You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server'​s firewall). You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server'​s firewall).
  
-=== Start the server ===+==== Start the server ​====
  
 Start Wireguard on the server with Start Wireguard on the server with
Line 78: Line 78:
   sudo wg-quick down wg0s   sudo wg-quick down wg0s
  
-==== Client Setup =====+===== Client Setup ======
  
-=== Install WireGuard on the Client ===+==== Install WireGuard on the Client ​====
  
 Install wireguard on your Ubuntu client with Install wireguard on your Ubuntu client with
Line 87: Line 87:
   sudo apt-get install wireguard   sudo apt-get install wireguard
  
-=== Configure the Client ===+==== Configure the Client ​====
  
 Now, create a file for the wireguard interface (''​wg0c''​ in our example) on your Ubuntu client Now, create a file for the wireguard interface (''​wg0c''​ in our example) on your Ubuntu client
Line 106: Line 106:
   PersistentKeepalive = 10   PersistentKeepalive = 10
  
-=== Start the client ===+==== Start the client ​====
  
 Start Wireguard on with Start Wireguard on with
Line 116: Line 116:
   sudo wg-quick down wg0c   sudo wg-quick down wg0c
  
-=== Throubleshooting ===+===== Throubleshooting ​=====
  
   - Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel)   - Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel)
   - If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above)   - If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above)
   - If you are behind the Great Firewall, probably it will not work   - If you are behind the Great Firewall, probably it will not work
notes/setup-wireguard-vpn-on-debian9.txt ยท Last modified: 2019/02/02 21:48 by admin