bowlerdesign.tech
Posted on November 16, 2020
Introduction
We're going to cover setting up a Wireguard VPN on your home server or cloud service. For secure remote access to your internal network, or a cheap, secure connection to a cloud service for some increased privacy when browsing online.
VPN's don't make you anonymous, there's a lot of stigma around this. Here's some helpful information if you want to read into this some more.
Setting up Wireguard, the easy way
I initially found setting up Wireguard confusing. Keys kept getting mixed up, I had no way of sending public keys between devices so that I could set up a client on my mobile device etc..
After around 30 seconds of lazy Duck Duck Go'ing (Not quite the same ring to it). I found a script on Github provided by angristan. Here's the repo.
It's just a bash script which does all of the config for you, but still providing user prompts for entering the public server IP and choosing a preferred DNS address for the server.
Step 1: Clone and execute the Wireguard Installer
After ssh'ing to your server, whether it's local, or cloud-hosted. If you're thinking of cloud hosting your Wireguard VPN for some privacy, I'd highly recommend using Digital Ocean. Using the following link will give you $100 worth of credits for 60 days to play around with, just sign up using this link.
Anyway, after you have accessed your machine, we need to pull down the Wireguard installer code from Github. We're just going to curl
it.
curl -O https://raw.githubusercontent.com/angristan/wireguard-install/master/wireguard-install.sh
Now we just need to change the file permissions to allow execution of the new .sh
scipt we've just downloaded.
sudo chmod +x wireguard-install.sh
Finally, execute the Wireguard Installer
sudo ./wireguard-install.sh
Step 2: Configuring Wireguard
This is the easy part.
You'll see below the process of setting up Wireguard using the Wireguard Installer. All of the values below were picked for me, I just had to hit return
a few times.
ā Ed sudo ./wireguard-install.sh
Welcome to the WireGuard installer!
The git repository is available at: https://github.com/angristan/wireguard-install
I need to ask you a few questions before starting the setup.
You can leave the default options and just press enter if you are ok with them.
IPv4 or IPv6 public address: 37.120.198.182
Public interface: eth2
WireGuard interface name: wg0
Server's WireGuard IPv4: 10.66.66.1
Server's WireGuard IPv6: fd42:42:42::1
Server's WireGuard port [1-65535]: 57281
First DNS resolver to use for the clients: 176.103.130.130
Second DNS resolver to use for the clients (optional): 176.103.130.131
Okay, that was all I needed. We are ready to setup your WireGuard server now.
You will be able to generate a client at the end of the installation.
Press any key to continue...
After running through those steps above, the Wireguard Installer will do its thing and set up Wireguard for you. You'll eventually be left with a prompt to set up a new client.
Tell me a name for the client.
The name must consist of alphanumeric character. It may also include an underscore or a dash.
Client name: Phone
Client's WireGuard IPv4: 10.66.66.2
Client's WireGuard IPv6: fd42:42:42::2
Here's my config, I just entered a name and the rest was generated for me.
What's also really cool, is that a QR code gets generated in the console window, which you can scan with your new device.
You'll also have a .conf
file generated for you to copy to your device.
Portforwarding
Remember we had to specify a port? We'll need to forward that. There are a million different tutorials on the web for how to port-forward for your router.
Here's a handy guide.
Final steps
All that's now left to do is to set up Wireguard on your device. Simply download the required app/program onto your machine and either scan the provided QR code or import that .conf
file into your client.
Then enable your VPN. Let me know how it goes.
Posted on November 16, 2020
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.