From 5f8fca464f4c85e47b86ded5f6cd45e4cf878eae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yaroslav=20de=20la=20Pe=C3=B1a=20Smirnov?= Date: Tue, 29 Mar 2022 00:24:14 +0300 Subject: Updated Wireguard post Added information about packet forwarding. --- content/weblog/2020-06-06_wireguard-vpn/index.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/content/weblog/2020-06-06_wireguard-vpn/index.md b/content/weblog/2020-06-06_wireguard-vpn/index.md index 04dd969..08203d9 100644 --- a/content/weblog/2020-06-06_wireguard-vpn/index.md +++ b/content/weblog/2020-06-06_wireguard-vpn/index.md @@ -1,6 +1,7 @@ +++ title = "Goodbye OpenVPN, hello Wireguard" date = 2020-06-06T02:13:28Z +updated = 2021-03-28T21:23:16Z +++ I had been using OpenVPN for quite some time for my internet privacy purposes. @@ -48,7 +49,7 @@ If these advantages haven't convinced you yet, I don't know what will. ## Set up instructions -There are something that are worth keeping in mind while setting up Wireguard. +There are some things that are worth keeping in mind while setting up Wireguard. One of them is that unlike other VPN protocols, like OpenVPN, there is no server and client per se. There are just peers. Of course, that doesn't mean that you cannot use Wireguard like you would use OpenVPN, quite the contrary. It just @@ -136,6 +137,22 @@ systemctl enable wg-quick@wg0 systemctl start wg-quick@wg0 ``` +Since in this configuration we want to be able to forward all of the peers' +traffic through the VPS, we need to enable packet forwarding in the kernel by +adding or uncommenting the following lines to `/etc/sysctl.conf`, or creating a +new file in `/etc/sysctl.d/` with these lines: + +``` +net.ipv4.ip_forward=1 +net.ipv6.conf.all.forwarding=1 +``` + +After adding them, to immediately load the config we run + +```sh +sysctl --system +``` + ### Client configuration The configuration for the client side of things is pretty similar to the server -- cgit v1.2.3