fz0x1/WireGuard-Guide-On_Arch_Linux
1
0
Fork 0
mirror of https://github.com/omgcast/WireGuard-Guide-On_Arch_Linux.git synced 2025-05-15 02:38:31 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update README.md

Browse source
This commit is contained in:
n3kit91 2024-11-28 18:02:57 +03:00 committed by GitHub
parent f64848a93b
commit de6b85ca67
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 110 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

125
README.md
View file

@ -2,7 +2,7 @@
# WireGuard Setup Guide for Arch Linux # WireGuard Setup Guide for Arch Linux
This guide provides a streamlined, step-by-step process to set up a secure WireGuard VPN on Arch Linux. It ensures proper configuration of public and private keys to avoid common issues related to authentication and traffic routing. This guide provides a streamlined, step-by-step process to set up a secure WireGuard VPN on Arch Linux. It ensures proper configuration of public and private keys to avoid common issues related to authentication and traffic routing. The client setup covers various platforms, including Linux, Windows, and mobile devices (iOS/Android).
[Русская версия](README-ru.md) [Русская версия](README-ru.md)
## Table of Contents ## Table of Contents
@ -12,6 +12,9 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
3. [Key Generation](#key-generation) 3. [Key Generation](#key-generation)
4. [Server Configuration](#server-configuration) 4. [Server Configuration](#server-configuration)
5. [Client Configuration](#client-configuration) 5. [Client Configuration](#client-configuration)
- [Linux](#linux)
- [Windows](#windows)
- [iOS/Android](#iosandroid)
6. [Firewall and Routing](#firewall-and-routing) 6. [Firewall and Routing](#firewall-and-routing)
7. [Starting WireGuard](#starting-wireguard) 7. [Starting WireGuard](#starting-wireguard)
8. [Verification](#verification) 8. [Verification](#verification)
@ -19,13 +22,14 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
## Prerequisites ## Prerequisites
- **Arch Linux** installed on both server and client machines. - **Arch Linux** installed on the server.
- **Root** or **sudo** privileges on both machines. - **Root** or **sudo** privileges on the server.
- **Public IP** address for the server. - **Public IP** address for the server.
- **WireGuard** application installed on the client device (Linux, Windows, iOS, Android).
## Installation ## Installation
### On Server and Client ### On Server
1. **Update the system:** 1. **Update the system:**
@ -33,20 +37,26 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
sudo pacman -Syu sudo pacman -Syu
``` ```
2. **Install WireGuard:** 2. **Install WireGuard and Nano Editor:**
```bash
sudo pacman -S wireguard-tools
```
3. **Install Nano Editor (Optional but Recommended):**
Nano is a user-friendly text editor that simplifies editing configuration files. Nano is a user-friendly text editor that simplifies editing configuration files.
```bash ```bash
sudo pacman -S nano sudo pacman -S wireguard-tools nano
``` ```
### On Client
- **Linux:**
```bash
sudo pacman -S wireguard-tools nano
```
- **Windows, iOS, Android:**
Install the [WireGuard application](https://www.wireguard.com/install/) from the official website or your device's app store.
## Key Generation ## Key Generation
### On Server ### On Server
@ -70,7 +80,16 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
### On Client ### On Client
1. **Generate client keys:** #### Linux
1. **Navigate to WireGuard directory:**
```bash
mkdir -p ~/wireguard
cd ~/wireguard
```
2. **Generate client keys:**
```bash ```bash
wg genkey | tee client_privatekey | wg pubkey > client_publickey wg genkey | tee client_privatekey | wg pubkey > client_publickey
@ -79,6 +98,15 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
- `client_privatekey`: Client's private key. - `client_privatekey`: Client's private key.
- `client_publickey`: Client's public key. - `client_publickey`: Client's public key.
#### Windows, iOS, Android
1. **Use the WireGuard application to generate keys:**
- Open the WireGuard app.
- Click on "Add Tunnel" > "Add empty tunnel..."
- The app will generate a private and public key pair.
- Save the private key securely and copy the public key for server configuration.
## Server Configuration ## Server Configuration
1. **Create/Edit WireGuard configuration:** 1. **Create/Edit WireGuard configuration:**
@ -118,14 +146,14 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
## Client Configuration ## Client Configuration
### Linux
1. **Create/Edit WireGuard configuration:** 1. **Create/Edit WireGuard configuration:**
```bash ```bash
sudo nano /etc/wireguard/wg0.conf sudo nano /etc/wireguard/wg0.conf
``` ```
*On Windows, use the WireGuard application to add a new tunnel and input the configuration.*
2. **Add the following configuration:** 2. **Add the following configuration:**
```ini ```ini
@ -147,6 +175,64 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
3. **Save and exit** (`Ctrl + O`, `Enter`, `Ctrl + X`). 3. **Save and exit** (`Ctrl + O`, `Enter`, `Ctrl + X`).
### Windows
1. **Open WireGuard application.**
2. **Add a new tunnel:**
- Click on "Add Tunnel" > "Add empty tunnel..."
3. **Paste the client configuration:**
```ini
[Interface]
PrivateKey = <client_privatekey>
Address = 10.0.0.2/24
DNS = 8.8.8.8
[Peer]
PublicKey = <server_publickey>
Endpoint = <server_public_ip>:51820
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepalive = 25
```
- Replace `<client_privatekey>` with the client's private key.
- Replace `<server_publickey>` with the server's public key.
- Replace `<server_public_ip>` with your server's public IP address.
4. **Save and activate the tunnel.**
### iOS/Android
1. **Open WireGuard application.**
2. **Add a new tunnel:**
- Tap on "+" > "Create from scratch" or "Import from file/device."
3. **Enter the client configuration:**
```ini
[Interface]
PrivateKey = <client_privatekey>
Address = 10.0.0.2/24
DNS = 8.8.8.8
[Peer]
PublicKey = <server_publickey>
Endpoint = <server_public_ip>:51820
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepalive = 25
```
- Replace `<client_privatekey>` with the client's private key.
- Replace `<server_publickey>` with the server's public key.
- Replace `<server_public_ip>` with your server's public IP address.
4. **Save and activate the tunnel.**
## Firewall and Routing ## Firewall and Routing
### On Server ### On Server
@ -176,7 +262,7 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
## Starting WireGuard ## Starting WireGuard
### On Server and Client ### On Server and Linux Client
1. **Start and enable WireGuard:** 1. **Start and enable WireGuard:**
@ -185,6 +271,13 @@ This guide provides a streamlined, step-by-step process to set up a secure WireG
sudo systemctl enable wg-quick@wg0 sudo systemctl enable wg-quick@wg0
``` ```
### On Windows, iOS, Android
1. **Activate the tunnel:**
- Open the WireGuard application.
- Toggle the switch next to your configured tunnel to "On."
## Verification ## Verification
1. **Check WireGuard status:** 1. **Check WireGuard status:**