Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux_router:wireguard [2021-08-27 Fri wk34 15:25] – [Wireguard Trouble Shooting] baumkplinux_router:wireguard [2025-05-24 Sat wk21 21:09] (current) baumkp
Line 1: Line 1:
 {{tag>linux router vpn wireguard Docker "qr code" QR}} {{tag>linux router vpn wireguard Docker "qr code" QR}}
-=====Wireguard VPN======+=====Wireguard VPN access from WAN to LAN====== 
 +<fc #ff0000>I use a Docker instance for my Wireguard server now.</fc>
  
 +I use 2 forms of vpn (virtual private network) on my home server.
 +  - VPN to gain remote secure private access to my home LAN from the WAN (internet). //This is the one I am describing here.//
 +  - VPN to anonymize my public internet access, making it more difficult for others to track my online behavior.   //This is where I describe this [[https://wiki.kptree.net/doku.php?id=tech_notes:docker-deluge#vpn_setup_including_nftable_force_vpn_usage|VPN setup including nftable force to anonymize WAN usage]]//
  
 WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry. WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
Line 27: Line 31:
  
 ===Greatest Difficulties in Setting=== ===Greatest Difficulties in Setting===
-Wireguard is not chatty.  It is important that the setup information is done correctly, in particular the private and public keys.  Also the allowed ips is important. On the server side it is set to the main VPN ip address. On the client side it needs to be set to include ip addresses that are allowed to be access on the client side.+Wireguard is not chatty, this actually is a security feature.  It is important that the setup information is done correctly, in particular the private and public keys.  Also the allowed ips is important. On the server side it is set to the main VPN ip address. On the client side it needs to be set to include ip addresses that are allowed to be access on the client side.
 Some tools that help fault find: Some tools that help fault find:
   * On the server side: ''sudo tcpdump -i wan_device -c 5 port vpn_port'', where wan_device is the wan device, in my case ppp1 and vpn_port is the port number wireguard is set to, in my case 51914, the default is 51820.  This lets you see if the packets are coming in to the wan.   * On the server side: ''sudo tcpdump -i wan_device -c 5 port vpn_port'', where wan_device is the wan device, in my case ppp1 and vpn_port is the port number wireguard is set to, in my case 51914, the default is 51820.  This lets you see if the packets are coming in to the wan.
Line 494: Line 498:
   *[[https://www.the-digital-life.com/wireguard-docker/|Create your own VPN server with WireGuard in Docker]]   *[[https://www.the-digital-life.com/wireguard-docker/|Create your own VPN server with WireGuard in Docker]]
   *[[https://www.linuxserver.io/|Building and maintaining community {Docker} images]]   *[[https://www.linuxserver.io/|Building and maintaining community {Docker} images]]
 +  *[[https://hub.docker.com/r/linuxserver/wireguard|Dockerhub linuxserver.io wireguard]]
  
  
 <-  linux_router:misc|Prev page ^ linux_router:start|Start page ^ ->  ^ linux_router:nmap|Next page  -> <-  linux_router:misc|Prev page ^ linux_router:start|Start page ^ ->  ^ linux_router:nmap|Next page  ->