• Disable ufw or put a rule

Generate Keys

umask 077
wg genkey > privatekey
wg pubkey < privatekey > publickey

Or

wg genkey | tee privatekey | wg pubkey > publickey

Start Wireguard Systemwide

systemctl start wg-quick@wg0
systemctl enable wg-quick@wg0

Forward Traffic

echo "net.ipv4.ip_forward = 1
net.ipv6.conf.all.forwarding = 1" > /etc/sysctl.d/wg.conf
sysctl --system

Masquerading

PostUp = iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE; ip6tables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE; ip6tables -t nat -D POSTROUTING -o ens3 -j MASQUERADE

QR Code

qrencode -t ansiutf8 < client.conf