33 lines
No EOL
776 B
Markdown
33 lines
No EOL
776 B
Markdown
---
|
|
creation date: 2022-09-05
|
|
tags: [note,linux,wireguard,wg]
|
|
---
|
|
|
|
# Wireguard
|
|
|
|
`wireguard-tools` is required.
|
|
|
|
## Forwarding
|
|
|
|
When forwarding should be allowed, the "host" needs to set the following via `sysctl` or in a `PostUp` / `PostDown` hook of WireGuard.
|
|
|
|
```shell
|
|
net.ipv4.ip_forward=1
|
|
net.ipv6.conf.all.forwarding=1
|
|
```
|
|
|
|
In addition, the `AllowedIPs` in the client's `peer` section should be `0.0.0.0/0, ::/0`.
|
|
|
|
## Import into Network Manager
|
|
|
|
When using Network Manager, WireGuard profiles can be imported
|
|
|
|
```shell
|
|
nmcli connection import type wireguard file <path to conf>
|
|
```
|
|
|
|
Ensure you've unchecked _Automatically connect_ afterwards in `nm-connection-editor`.
|
|
|
|
## Android
|
|
|
|
On Android devices, private DNS enabled might block resolving. Disable it for WireGuard |