1
0
Fork 0
knowledge-base/KB/Linux/Wireguard.md

776 B

creation date tags
2022-09-05
note
linux
wireguard
wg

Wireguard

wireguard-tools is required.

Forwarding

When forwarding should be allowed, the "host" needs to set the following via sysctl or in a PostUp / PostDown hook of WireGuard.

net.ipv4.ip_forward=1
net.ipv6.conf.all.forwarding=1

In addition, the AllowedIPs in the client's peer section should be 0.0.0.0/0, ::/0.

Import into Network Manager

When using Network Manager, WireGuard profiles can be imported

nmcli connection import type wireguard file <path to conf>

Ensure you've unchecked Automatically connect afterwards in nm-connection-editor.

Android

On Android devices, private DNS enabled might block resolving. Disable it for WireGuard