This guide will walk you through the process of setting up a VPN with WireGuard. WireGuard is a modern and secure VPN that is very easy to setup. Throughout the article I will be referencing https://github.com/WeeJeWel/wg-easy
VPNs are a great resource that can allow you to accomplish multiple goals. You’ll be able navigate more securely when on public wifi. You’ll also be able to mask your IP (if you set it up in a VPS). If you set it up on your own home network you can access devices like a NAS or an VMs you have on the network.
To install Docker on your device, we can go to https://docs.docker.com/desktop/install/linux-install/ to find how to install for your operating system and distro.
Setting up WireGuard using wg-easy, execute the following command:
docker run -d \
--name=wg-easy \
-e WG_HOST=🚨YOUR_SERVER_IP \
-e PASSWORD=🚨YOUR_ADMIN_PASSWORD \
-v ~/.wg-easy:/etc/wireguard \
-p 51820:51820/udp \
-p 51821:51821/tcp \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--sysctl="net.ipv4.ip_forward=1" \
--restart unless-stopped \
weejewel/wg-easy
Be sure to replace YOUR_SERVER_IP with either the WAN IP of your Raspberry Pi or a dynamic DNS hostname. Replace YOUR_ADMIN_PASSWORD with a password of your choice, which will be used to log in to the web UI.
You will need to configure port forwarding on your router to allow traffic to be directed to your Raspberry Pi. To do this, log in to your router’s web interface and navigate to the port forwarding section. Forward UDP/TCP traffic on port 51820 to the IP address of your Raspberry Pi. Remember to save your changes.
The WireGuard server will now be running and the web UI can be accessed at http://0.0.0.0:51821. Your configuration files will be saved in ~/.wg-easy on the Raspberry Pi.
To connect to your VPN from a device, you must generate a tunnel file. Log in to the web UI using the password you set in step 2. Click the “New” button in the top right. Give the client a name and click “Create.” This will generate a configuration file that can be downloaded by clicking the “Download” button or scanning the QR code. Install the WireGuard client on the device you want to connect with, and then import the configuration file. You can check which clients are currently connected on the main page of the web UI, and view statistics and charts for each client by clicking on their name.
There are many additional options and features available in wg-easy, including customizing the port and protocol used for the VPN, enabling IPv6 support, and assigning static IP addresses to clients. For more information on these options, refer to the wg-easy documentation.
In conclusion, this tutorial has shown you how to quickly and easily set up a WireGuard VPN on a Raspberry Pi using the wg-easy tool. It also covers how to generate configuration files for clients and connect them to the VPN. With WireGuard and wg-easy, you can easily create a secure and lightweight VPN to protect your online privacy and secure your internet connection.
My Twitter: https://twitter.com/adamjsturge
If you enjoy reading stories like these and want to support me as a writer, consider signing up to become a Medium member. It’s $5 a month, giving you unlimited access to thousands of articles, including my own. If you sign up using my link, I’ll earn a small commission with no extra cost to you.