Wireguard is currently not fit for production use as it is under heavy development. With that in mind, it is an fantastic piece of software and I cannot wait for it to get security certification and proper testing, so we can adopt it into the IT workplace.
VPN’s can be complicated. Wireguard is simple and I managed to configure and connect with only a few simple steps. Here is my example config so you can be even faster than me.
In my own situation I had only a few hours to wipe a computer, build a dedicated workstation, learn, set up and test this VPN for a project. I can say it was one of the easiest to configure VPN’s I’ve ever used.
Server config
# This server's interface
[Interface]
Address = xx.xx.xx.xx/24
PrivateKey = <servers's generated private key>
SaveConfig = true
# The client which acts as the VPN Gateway
[Peer]
PublicKey = <clients's generated public key>
AllowedIPs = xx.xx.xx.xx/24
Endpoint = xx.xx.xx.xx
PersistentKeepalive = 25
Client config
# This machines' local Wireguard interface
[Interface]
Address = xx.xx.xx.xx/24
PrivateKey = <client's generated private key>
SaveConfig = true
# The remote server which acts as the VPN Gateway
[Peer]
PublicKey = <server's generated public key>
AllowedIPs = xx.xx.xx.xx/24
Endpoint = xx.xx.xx.xx
PersistentKeepalive = 25
Gist here: https://gist.github.com/darrenkearney/a18f2603b78f187c33933f60a59f0d5c
Save the file with the name you want to give the interface. Save it with a .conf file extension in /etc/wireguard directory. Wireguard will look for .conf files here first.
Now you can initiate the connection by referencing the interface with the filename you gave it. I saved as wg0.conf, so I bring up the interface with this command:
wg-quick up wg0
Now you can check to see the state of the VPN connection with wg
.
wg
wg0
seems to be a common name among a lot of documentation I encountered. I decided to keep this for my instance of Wireguard. If I return to it later in a few weeks (or months) to change something, I can easily pick up what is happening by refering to documentation. Naming things is a big part of an IT job, do it smartly!
Wireguard is currently under heavy development at time of writing. Though it is in line to becoming the most secure and easiest to set up VPN in the world. Feel free to use these example configs in your own setups for testing out Wireguard.