User Tools

Site Tools


notes:setup-wireguard-vpn-on-debian9

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
notes:setup-wireguard-vpn-on-debian9 [2018/09/06 12:11] adminnotes:setup-wireguard-vpn-on-debian9 [2019/02/02 21:48] (current) admin
Line 3: Line 3:
 -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// -- -- //Tested with **Debian 9** (server side) and **Ubuntu 18.04** (client side) on **September 2018**// --
  
-==== Server Setup =====+===== Server Setup ======
  
-=== Install WireGuard on the Server ===+==== Install WireGuard on the Server ====
  
 Install WireGuard from Debian packages Install WireGuard from Debian packages
Line 17: Line 17:
   sudo modprobe wireguard   sudo modprobe wireguard
  
-=== Generate Server Keys ===+==== Generate Server Keys ====
  
 Generate server private key with Generate server private key with
Line 27: Line 27:
 and note down the generated public key (in our example will be ''SeRvErPUBLICkEySeRvErPUBLICkEySeRvErPUBLICk=''). and note down the generated public key (in our example will be ''SeRvErPUBLICkEySeRvErPUBLICkEySeRvErPUBLICk='').
  
-=== Generate User Keys ===+==== Generate User Keys ====
  
 Generate user private key (one per user!) with Generate user private key (one per user!) with
Line 38: Line 38:
 and note down the generated public key (in our example will be ''UsEr1PUBLICkEyUsEr1PUBLICkEyUsEr1PUBLICkey=''). and note down the generated public key (in our example will be ''UsEr1PUBLICkEyUsEr1PUBLICkEyUsEr1PUBLICkey='').
  
-=== Configure the Server ===+==== Configure the Server ====
  
 Check the name of the network interface with Check the name of the network interface with
Line 68: Line 68:
 You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server's firewall). You can also change the ListenPort from 5544 to a different, unused port (and open the corresponding port on the server's firewall).
  
-=== Start the server ===+==== Start the server ====
  
 Start Wireguard on the server with Start Wireguard on the server with
Line 78: Line 78:
   sudo wg-quick down wg0s   sudo wg-quick down wg0s
  
-==== Client Setup =====+===== Client Setup ======
  
-=== Install WireGuard on the Client ===+==== Install WireGuard on the Client ====
  
 Install wireguard on your Ubuntu client with Install wireguard on your Ubuntu client with
Line 87: Line 87:
   sudo apt-get install wireguard   sudo apt-get install wireguard
  
-=== Configure the Client ===+==== Configure the Client ====
  
 Now, create a file for the wireguard interface (''wg0c'' in our example) on your Ubuntu client Now, create a file for the wireguard interface (''wg0c'' in our example) on your Ubuntu client
Line 106: Line 106:
   PersistentKeepalive = 10   PersistentKeepalive = 10
  
-=== Start the client ===+==== Start the client ====
  
 Start Wireguard on with Start Wireguard on with
Line 116: Line 116:
   sudo wg-quick down wg0c   sudo wg-quick down wg0c
  
-=== Throubleshooting ===+===== Throubleshooting =====
  
   - Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel)   - Do not mess up the keys - it's quite easy to switch client and server, public and private (and break the tunnel)
   - If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above)   - If you have a firewall running on your server, open the corresponding UDP port (5544 in the example above)
-  - You are behind the Great Firewall+  - If you are behind the Great Firewall, probably it will not work
notes/setup-wireguard-vpn-on-debian9.1536235884.txt.gz · Last modified: 2018/09/06 12:11 by admin