Difference between revisions of "Wireguard"
From Briki
(→Example Server Config) |
(→Example Server Config) |
||
| Line 22: | Line 22: | ||
==== Interface ==== | ==== Interface ==== | ||
;Address | ;Address | ||
| − | : | + | :Address of the server and the subnet that will be used for the private network. Optional, not sure what happens without it! |
;ListenPort | ;ListenPort | ||
| − | : | + | :Port on which the server will listen for connections (51820 is generally used) |
;PrivateKey | ;PrivateKey | ||
| − | : | + | :Private key for the server (used to encrypt traffic going back to the peer) |
==== Peer ==== | ==== Peer ==== | ||
Revision as of 05:19, 15 May 2024
Follow these guides:
- https://www.freecodecamp.org/news/build-your-own-wireguard-vpn-in-five-minutes/
- https://www.wireguardconfig.com/
But note that `AllowedIPs` on the client should be `AllowedIPs = 0.0.0.0/0, ::/0` to use as a VPN for everything (more detail here: https://docs.pi-hole.net/guides/vpn/wireguard/route-everything/)
Example Server Config
[Interface] Address = 192.168.130.1/24 ListenPort = 51820 PrivateKey = PRIV123 [Peer] PublicKey = PUB456 AllowedIPs = 192.168.130.2/32
Notes
Interface
- Address
- Address of the server and the subnet that will be used for the private network. Optional, not sure what happens without it!
- ListenPort
- Port on which the server will listen for connections (51820 is generally used)
- PrivateKey
- Private key for the server (used to encrypt traffic going back to the peer)
Peer
- PublicKey
- the public key for the peer (used to identify and authenticate traffic coming from the peer)
- AllowedIPs
- addresses from which the peer is allowed to send traffic (the subnet will typically be 32 here)
