Setting up Wireguard VPN on Linux and Windows 10



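Update [July 19, 2019]: The Wireguard client for Windows has been released. Please use that instead of Tunsafe. You can download it here – https://www.wireguard.com/install/
I will update the video, but it's really very easy to set up. Create the config files for Tunsafe as shown in the video, and then import that config into the Wireguard client. There's no real difference.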

—————————————
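This guide shows you how to set up Wireguard VPN on Linux and Windows 10. You will learn how to forward all Internet traffic through the Wireguard VPN tunnel, and how to set up a point-to-point link.

If you have any questions, please post a comment and I will do my best to answer.

Links:

1. Wireguard website: https://www.wireguard.com/install/
2. Tunsafe: https://tunsafe.com/ [Update: use the official Windows client from the link above instead of Tunsafe]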

Commands:

1. Add the Wireguard repo:

add-apt-repository ppa:wireguard/wireguard

2. Set up keys:

wg genkey | tee privatekey | wg pubkey > publickey

3. Check public IP:

dig +short myip.opendns.com @resolver1.opendns.com

4. iptables commands (use the correct interface on your machine; mine is ens3):

PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE

PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE
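
The configuration files these commands lead to, as an added example (not taken from the original guide or video): a server config, a client config in either full-tunnel or point-to-point mode, and a check that PostDown removes exactly the rules PostUp adds. The function names, UDP port 51820 and the 192.168.9.1 / 192.168.9.2 tunnel addresses are assumptions; keys and the server's public IP are passed in as arguments.

```shell
#!/bin/sh
# Added example: renders the wg-quick configs the steps above lead to.
# Assumed values (not from the guide): port 51820, tunnel 192.168.9.0/24.
WAN_IF="${WAN_IF:-ens3}"    # outbound interface from step 4
WG_PORT="${WG_PORT:-51820}" # assumed listen port

# server_conf SERVER_PRIVKEY CLIENT_PUBKEY
server_conf() {
cat <<EOF
[Interface]
Address = 192.168.9.1/24
ListenPort = ${WG_PORT}
PrivateKey = $1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ${WAN_IF} -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ${WAN_IF} -j MASQUERADE

[Peer]
PublicKey = $2
AllowedIPs = 192.168.9.2/32
EOF
}

# client_conf MODE CLIENT_PRIVKEY SERVER_PUBKEY SERVER_PUBLIC_IP
# full = all Internet traffic via the tunnel; p2p = tunnel subnet only
client_conf() {
  case "$1" in
    full) allowed="0.0.0.0/0" ;;
    p2p)  allowed="192.168.9.0/24" ;;
    *)    echo "mode must be full or p2p" >&2; return 1 ;;
  esac
cat <<EOF
[Interface]
Address = 192.168.9.2/24
PrivateKey = $2

[Peer]
PublicKey = $3
Endpoint = $4:${WG_PORT}
AllowedIPs = ${allowed}
EOF
}

# hooks_balanced: config on stdin; succeeds only if PostDown deletes
# exactly the rules PostUp appends (no stale NAT rules after a restart)
hooks_balanced() {
  conf=$(cat)
  up=$(printf '%s\n' "$conf" | sed -n 's/^PostUp *= *//p' | sed 's/ -A / -D /g')
  down=$(printf '%s\n' "$conf" | sed -n 's/^PostDown *= *//p')
  [ -n "$up" ] && [ "$up" = "$down" ]
}
```

Run the generator under `umask 077` so the files holding private keys are readable only by their owner. The server also needs IP forwarding enabled (`sysctl -w net.ipv4.ip_forward=1`), as noted in the comments below.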

23 comments
  1. The Wireguard client for Windows has been released. Please use that instead of Tunsafe. You can download it here – https://www.wireguard.com/install/
    I will update the video, but it's really very easy to set up. Create the config files as shown in the video, and then import it into the Wireguard client. There's no real difference.

  2. Hi, it's a great manual, thanks. Just one question. Peer section isn't working, if I add to config SaveConfig = True I see that.
    Do you have any ideas?
    conf file looks like:
    [Interface]
    Address = 127.0.0.1
    SaveConfig = true

    PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

    ListenPort = 54888
    PrivateKey = dfdsfWIAgN4Q1j/RLqnGY4qh6Dy6bKqy74RFdfdfddf=

    [Peer]
    PublicKey = wddfddfqgWE3dA3GhWFnaQvZfUQAdfddfhM5Ws=
    AllowedIPs = 192.168.9.2/32

    [Peer]
    PublicKey = wwQMdFd9S1fNlqgWE3dA3GhWFnaQvZfUQAePz0hM5Ws=
    AllowedIPs = 192.168.9.3/32

  3. Hey, so I followed your great Tutorial and have everything working. Now I wanted to try hosting a Minecraft Server (port 25565) on my Windows machine as an example, but I can't seem to reach it using my VPS's public IP… Also if I portscan the public IP all ports (except 22) are closed. Do I have to do something more on iptables to make it work? The VPS's Firewall is deactivated.

  4. It's not clear in your video what you mean by addresses 192.168.9.1 -3 . Are they pre-existing IP addresses of your clients, or are they IPs for a separate VPN network you'd be creating? WHY NOT CLARIFY?
    Your demo is one of the better ones, but there are so many of these crappy official blogs which don't clarify anything. Same thing with OpenVPN! Why build a product, and not clearly write up how to USE IT!

  5. I followed everything. My wireguard server is running on an openwrt router, and my client is Windows.
    Mine is stuck sending and waiting for handshake. LOG:
    [20:02:24] Sending handshake…

    [20:02:29] Retrying handshake, attempt 2…

    [20:02:34] Retrying handshake, attempt 3…

    [20:02:40] Retrying handshake, attempt 4…

    [20:02:45] Retrying handshake, attempt 5…

  6. Hi, what version of Windows 10 are you using? It's not working for me and I am using version 1909; it connects to the server, I can ping the server local IP, but can't access the Internet.

    Occasionally, I am able to access to Bing, Google, and sometimes YouTube. I have rebooted both the server and the client and I have also tried both WireGuard and TunSafe client to no avail.

    However, the same config file works well on my Android device using the official WireGuard Android client.

    For others reading this comment, here's a script to make the process easier: https://github.com/angristan/wireguard-install

  7. Maybe I missed it but in your setup you know the client's IP address in advance since you're on a LAN where you can have statically assigned IP addresses. And it looks like the server NEEDS to know the clients' IP addresses ahead of time.
    If you set up the server part on a home server say Ubuntu 19.10 server and you have a dynamic IP address from your ISP you can use a DDNS service so you can reach your LAN's server using a URL so you can connect using SSH.
    My questions are:

    How could you use wireshark from say your laptop when you're traveling never knowing what your next IP address will be?
    Do you have to SSH into the server and configure it for whatever IP address you have each time, then restart the service before you can connect through it, or is there a way to set it up using a DDNS service?
    Can the DDNS URL be used in place of the client's IP address?
    Well done video otherwise.
    Thanks in advance

  8. Hi, may I ask that when we set Wireguard up like this, whenever we browse the internet using our client machine, the IP/location shown will be that of our Server's IP/location? Thank u for a great video.

  9. hi
    can you please help me ??
    I have been trying for several days and lost so many hours and can't put my mullvad wireguard account on my openwrt router.

    Please, help me

  10. Right now I saw that Wireguard has a client for Windows 10! The question is (I can't find it anywhere): must I install Wireguard on the cloud server and on Windows as well, then use the client to connect? Do we install on Windows through "Command Prompt"? Thx

  11. Great video, clear and to the point. I didn't hear it pointed out and I felt like it might be the default configuration but what's required for split tunnel configuration? This is for domain joined machines, so only I'm trying to figure out if I can forward just domain traffic over the VPN and everything else can go via the internet connection.

  12. So you can add your other windows machines to the same server conf file? How do you setup for mobile clients for the server? Nice tut btw best so far ?

  13. Very interesting video, makes it really simple. All peers are visible and can ping the server. The server pings the RPi but not the Windows client… I'm missing something. Did you manage to make the peers talk to each other and not just to the server?
    The idea is to set up a VPN between different systems, make them able to talk to each other. Thanks for your help

  14. A very good video. At one point I came to a standstill. I didn't know that you have to enable IP forwarding explicitly in the OS. After that everything worked as described. Thanks a lot!

    "sysctl -w net.ipv4.ip_forward=1"

  15. Exceptional video… small and straight to the point of info needed. Question… do the clients in your example have a static IP also? What if they take an IP from a DHCP server? Do you have to type in [Interface]/Address 0.0.0.0 as well then in order to work?

Comments are closed.