On both peers, install the Wireguard module and tools:
apt install wireguard
Create the configuration file at
[Interface] Address = 192.168.3.1 PrivateKey = `wg genkey` [Peer] PublicKey = `wg pubkey < privkey-of-other-peer` PresharedKey = `wg genpsk` AllowedIPs = 192.168.3.2
The PresharedKey must be identical across peers. Make sure to share it over a secure channel.
On at least one of the peers, set
Endpoint in the
[Peer] section to the internet hostname and listening port of the other peer. Set the listening port by adding
Port to the
You will need to set
AllowedIPs to the
Address of the other peer. You can use another subnet if 192.168.3.0 is already being used.
Turn on the tunnel using:
wg-quick up wg0
See connection information using:
Try pinging the other peer: