How to Configure WireGuard Peers

WireGuard is a modern and minimalistic VPN solution that aims to be faster and more efficient than existing protocols. Configuring WireGuard peers is a crucial step in setting up a secure VPN tunnel. This guide will walk you through the process of configuring WireGuard peers efficiently.

Prerequisites

• WireGuard installed on your systems. If you need help with installation, refer to our guide on installing WireGuard VPN.
• Basic understanding of networking and VPN concepts.
• Access to the command line interface on your systems.

Step-by-Step Instructions

1. Generate Key Pairs

Each WireGuard peer needs a private and public key. The private key remains confidential, while the public key is shared with other peers.

wg genkey | tee privatekey | wg pubkey > publickey

Run this command on each system you wish to configure as a peer.

2. Configure the Server (Main Peer)

Edit the WireGuard configuration file on your server. Typically, this file is located at /etc/wireguard/wg0.conf.

[Interface]
PrivateKey = <server_private_key>
Address = 192.168.2.1/24
ListenPort = 51820
SaveConfig = true

[Peer]
PublicKey = <client_public_key>
AllowedIPs = 192.168.2.2/32

Adjust the IP addresses and keys accordingly. The AllowedIPs entry defines what IP ranges will be routed through the VPN.

3. Configure the Client (Secondary Peer)

On the client system, configure the peer to connect to the server:

[Interface]
PrivateKey = <client_private_key>
Address = 192.168.2.2/24

[Peer]
PublicKey = <server_public_key>
Endpoint = <server_ip>:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

Again, replace the placeholders with the actual key values and IP addresses.

4. Start the WireGuard Interface

On both server and client, bring up the WireGuard interface:

sudo wg-quick up wg0

Troubleshooting

• Connection Refused: Ensure that the correct ports are open and that no firewall is blocking the traffic.
• Keys not working: Verify that the keys and IP addresses are correctly set in the configuration files.

Conclusion

With WireGuard, setting up a VPN tunnel between peers is streamlined and secure. By following this guide, you can ensure that your data travels securely over the internet.

Summary Checklist

• Generate and exchange public keys for peers.
• Configure server and client settings in WireGuard configuration files.
• Test the connection and troubleshoot if necessary.

About The Author

Dorian Kane

See author's posts

• 
  Mastering Kubernetes Network Policies
• 
  How to Configure RBAC in Kubernetes
• 
  How to Secure Your Kubernetes Dashboard Effortlessly
• 
  How to Install Kubernetes Dashboard: A Step-by-Step Guide