Setting up Wireguard
just a place to documenting my homelab
sudo apt-get update && sudo apt-get upgrade -ysudo apt-get install wireguardsudo nano /etc/sysctl.confnet.ipv4.ip_forward=1sudo sysctl -pcd /etc/wireguard
umask 077
wg genkey | tee privatekey | wg pubkey > publickey
sudo nano /etc/wireguard/wg0.conf[Interface]
PrivateKey = <privatekey server>
Address = 10.0.0.1/24
# PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens33 -j MASQUERADE
# PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens33 -j MASQUERADE
PostUp = iptables -A FORWARD -i wg0 -o ens33 -j ACCEPT; iptables -A FORWARD -i ens33 -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens33 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -o ens33 -j ACCEPT; iptables -D FORWARD -i ens33 -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens33 -j MASQUERADE
ListenPort = 51820
Table = off
[Peer]
PublicKey = <client public key>
AllowedIPs = 10.0.0.2/32 , 192.168.0.0/24 , 192.168.0.146/32References
Last updated