Wireguard as a VPN solution for Home connection

Why this story

Setup ?


For both Sides

# dnf install -y wireguard-tools
(yum install -y wireguard-tools)
# cd /etc/wireguard# umask 022
# wg genkey | tee privatekey | wg pubkey > publickey
# ls -la
-rw-------. 1 root root 45 Sep 19 08:52 privatekey
-rw-------. 1 root root 45 Sep 19 08:52 publickey

Server Side

# cat > wg0.conf << EOF
Address =
SaveConfig = true
ListenPort = 50001
PrivateKey = $(cat privatekey)
PublicKey = <Client Public Key>
AllowedIPs =
# nmcli con import type wireguard file /etc/wireguard/wg0.conf
# systemctl enable --now NetworkManager
# ip addr show dev wg0
8: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
inet brd scope global noprefixroute wg0
valid_lft forever preferred_lft forever
inet6 fe80::6379:a6c7:dac7:2732/64 scope link flags 800
valid_lft forever preferred_lft forever
# wg
interface: wg0
public key: Hq0JcXBjXJMHwa9TtGc0cQ6eiSa2y0ObUVGrnf/eUBc=
private key: (hidden)
listening port: 60001
peer: <Client Public Key>
allowed ips:
# export FWZONE=$(firewall-cmd --get-default-zone)
# firewall-cmd --add-port=50001/udp --permanent --zone=${FWZONE}# firewall-cmd --reload
# SERVERIP=$(ip route get | awk 'NR==1 {print $(NF-2)}')(This will work in a disconnected network as well)
# firewall-cmd --permanent --zone=${FWZONE} --add-masquerade# firewall-cmd --permanent --direct --passthrough ipv4 -t nat -A POSTROUTING -s -o $SERVERIP -j MASQUERADE
# cat /etc/firewalld/direct.xml<?xml version=”1.0" encoding=”utf-8"?>
<passthrough ipv=”ipv4">
# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf# echo 'net.ipv4.conf.all.accept_redirects = 0' >> /etc/sysctl.conf# echo 'net.ipv4.conf.all.send_redirects = 0' >> /etc/sysctl.conf# sysctl -p
# firewall-cmd --reload
# wg set wg0 peer <Public Key> allowed-ips

Client Side



Open Source contributer for the past 15 years

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store