Funtoo:User Services/VPN Setup

We use WireGuard for our internal VPN. These steps will help you to connect to our VPN. WireGuard is really quite simple to use but does have a learning curve. Once you're up and running, you'll appreciate the fast, reliable experience. Let's get started!

Initial Setup

Your first step is to emerge net-vpn/wireguard-tools:

root # emerge -av wireguard-tools

If you're using our sys-kernel/debian-sources kernel like a good, upstanding funtoo citizen, then you already have wireguard kernel modules available to load.

Before I can get you set up on the VPN, I need you to generate a public and private key. You will send the public key to me, and you'll keep the private key private. This can be done by running the following command:

root # wg genkey

After running this command, please send me the contents of your public.key file.

Now, create an /etc/wireguard/wg0.conf file with the following contents:

[Interface]
Address = [IPv4/netmask I provide to you]
ListenPort = 56875
PrivateKey = [Your Private Key]
DNS = 172.19.0.3,1.1.1.1

[Peer]
PublicKey = ct6WFz1ZaIPfsyRSw4NNq7cosE6pMldkP3y0B9fTh0U=
AllowedIPs = 172.16.0.0/12
Endpoint = [Endpoint I Provide to you]

Make this file non-readable by anyone but root:

root #  chmod go-rwx /etc/wireguard/wg0.conf

Really, you're now pretty much set up!