To be very quick, this is a very little howto to create Wireguard VPN.

First on both client and server you need to generate a private and associated public key.

# wg genkey > host_private.key
# wg pubkey < host_private.key > host_public.key

On the server, create a config file, for example myhome.conf on /etc/wireguard, with following content:

# Address for server and mask
Address =
# Port to listen on (open on FW on UDP)
ListenPort = 1234
# Private key for server (content)
PrivateKey = dsfsdfdssfdfsd

# Public key for client (content)
PublicKey = dfdsfsdsdfdffddfssfd
# How is allowed to connect / IP for client on the same network as server. It can be a network
AllowedIPs =
# Force to send packets every x sec to keep the tunnel up
PersistentKeepalive = x

For the server, create a config file too on /etc/wireguard

# Client address. Same as AllowedIPs on server (with mask)
Address =
# Private key for client (content)
PrivateKey = dsfdslalzlelk

# Host to connect
Endpoint =
# Public key for server (content)
PublicKey = dldlkmsdlkmdsmlds
# How is allowed (the server)
AllowedIPs =

On each machine, you can enable systemd service with wg-quick@confname (without .conf).

Check the network interface, with ip commands.

You can have more infos with "wg" command.


For more info, check