WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive hea
Last updated
Was this helpful?
Want to watch YouTube TV but your local channels aren't available? Try WireGuard VPN to bypass their location services. They noticed my VPN when using OpenVPN :-(
Or use WireGuard as an alternative way to connect to your home lab with a VPN
Install Ubuntu Server Install WireGuard on Ubuntu Server Install WireGuard on Client
If Ubuntu >19.10
sudo apt install wireguard
If Ubuntu < 19.10
sudo add-apt-repository ppa:wireguard/wireguard
sudo apt-get update
sudo apt-get install wireguard
Generate a public and private key
mkdir -p /etc/wireguard/keys
cd /etc/wireguard/keys
umask 044
wg genkey | tee privatekey | wg pubkey > publickey
Create the WireGuard config file and add the contents below
/etc/wireguard/wg0.conf
The Address field is the range of IPs you will be assigning to the clients. When the client connects, the iptables rule handles the NAT in order to provide the client the IP address of the server. Saveconfig allows the new peer to be added to the config file when the service is running.
Make sure to port forward 51820 UDP on pfSense under Firewall -> NAT
Allow the server/clients access to the internet Firewall -> Rules
Start WireGuard
wg-quick up wg0
Enable start up on boot
systemctl enable wg-quick@wg0
Verify if VPN connection is listening (should see listening connection)
wg show
WireGuard should have been installed on the client by now, if not go to https://www.wireguard.com/install/ On Windows: Open the application, Click the dropdown next to add tunnel and select empty tunnel. Add the following contents
You should be able to connect to your home network now.
To verify if the connection was successful run wg show on the wireguard server and you should see the peer information.
