Install the packages and generate keys:
apt install wireguard resolvconf wg genkey | sudo tee /etc/wireguard/private.key chmod go= /etc/wireguard/private.key cat /etc/wireguard/private.key | wg pubkey | sudo tee
Server config file:
[Interface] Address = 10.5.5.1/24 ListenPort = 51820 # Use your own private key, from /etc/wireguard/privatekey PrivateKey = your_key [Peer] # Workstation public key PublicKey = your_key # VPN client's IP address in the VPN AllowedIPs = 10.5.5.2/32 [Peer] # laptop public key PublicKey = your_key # VPN client's IP address in the VPN AllowedIPs = 10.5.5.3/32
Client config file:
[Interface] # The address your computer will use on the VPN Address = 10.5.5.2/32 DNS = 8.8.8.8 # Load your privatekey from file PostUp = wg set %i private-key /etc/wireguard/privatekey # Also ping the vpn server to ensure the tunnel is initialized PostUp = ping -c1 10.47.47.1 [Peer] # VPN server's wireguard public key PublicKey = your_key # Public IP address of your VPN server (USE YOURS!) Endpoint = 54.160.21.183:51820 # 10.0.0.0/24 is the VPN subnet AllowedIPs = 10.47.47.0/24 # PersistentKeepalive = 25
See the WireGuard installation guides here.