Wireguard VPN Server- Has anyone set one up, say at home?

  • SpinRite v6.1 Release #3
    Guest:
    The 3rd release of SpinRite v6.1 is published and may be obtained by all SpinRite v6.0 owners at the SpinRite v6.1 Pre-Release page. (SpinRite will shortly be officially updated to v6.1 so this page will be renamed.) The primary new feature, and the reason for this release, was the discovery of memory problems in some systems that were affecting SpinRite's operation. So SpinRite now incorporates a built-in test of the system's memory. For the full story, please see this page in the "Pre-Release Announcements & Feedback" forum.
    /Steve.
  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in please checkout the “Tips & Tricks” page for some very handy tips!

    /Steve.
  • BootAble – FreeDOS boot testing freeware

    To obtain direct, low-level access to a system's mass storage drives, SpinRite runs under a GRC-customized version of FreeDOS which has been modified to add compatibility with all file systems. In order to run SpinRite it must first be possible to boot FreeDOS.

    GRC's “BootAble” freeware allows anyone to easily create BIOS-bootable media in order to workout and confirm the details of getting a machine to boot FreeDOS through a BIOS. Once the means of doing that has been determined, the media created by SpinRite can be booted and run in the same way.

    The participants here, who have taken the time to share their knowledge and experience, their successes and some frustrations with booting their computers into FreeDOS, have created a valuable knowledgebase which will benefit everyone who follows.

    You may click on the image to the right to obtain your own copy of BootAble. Then use the knowledge and experience documented here to boot your computer(s) into FreeDOS. And please do not hesitate to ask questions – nowhere else can better answers be found.

    (You may permanently close this reminder with the 'X' in the upper right.)

GregM

Member
Dec 6, 2020
19
2
Pretty much as the subject line states.

Without completely understanding what I am saying here . . . I was thinking that I could set up a Linux Machine and then, via Virtualbox, launch a WireGuard Server that I would leave running constantly.
I'd then use that WireGuard Server to remote into my internal network.

I'm guessing I'd have to set up port forwarding in the router to the WireGuard Server (not sure how else I'd be able to get to it otherwise).

Something like that.

I'm curious to know if anyone else has had any luck doing something like this, and how they went about it.
 
Just a thought, but maybe spinning up an entire virtual machine dedicated to Wireguard might not be the most efficient setup. Wireguard is baked into the most recent kernel versions, so it's mostly a native Linux feature by now. It is very lightweight. You just need to install the CLI tools to manage it. A lot of tutorials are available today.


At home, you will need to fowared UDP ports to the Wireguard service. Probably easier to keep those fixed and statically routed.
 
I set it up on my edgeRX router. Very easy to setup. However, I really have not had to many opportunities to use it.
 
Thanks JulioHM for the link! That's way better than running a VM to act as a server:

<Quote>

IP forwarding

uncomment the following line by removing the # at the beginning of the line.

Code:
net.ipv4.ip_forward=1

Once done, save the file and exit the editor.

<End Quote>

I like that A LOT!
 
Hey ScruffyDan, thanks for the link.

This could come in handy actually. I have a buddy that a first gen USG. Do you know if Wiregard would be able to run on this gateway?


That is what I run it on. it works great!
 
I have installed it today on a VPS, if you want to do it on your home/local network, you will probably have to have a device (lets say a raspberry pi) that has to be always on. I can help you with installation, it is a bit weird to set up and add users to be honest but once you figure it out its very good.
 
The Beryl (GL-MT1300) from GL.iNet was just introduced. Its a small travel router that runs OpenWRT and sells for $70. It supports WireGuard. I *assume* the client side rather than the server, but you can install apps, so maybe? a server too? I have not used it, just an FYI.
 
Has anyone tried setting up a Wireguard VPN server on OpenWRT? I'm wondering if putting on the router is a bad idea? Usually it's a good idea to have dedicated devices for dedicated purposes if possible.
 
  • Like
Reactions: xplora1a
Running VPN software, be it client or server, on a router is a bad idea, in my opinion. To begin with, there is CPU overhead. As for a server, it means poking a hole in the router firewall. As for client software, there is the decreased speed every VPN entails that now impacts all devices rather than just one or two. More importantly, you don't want a VPN failure to knock you completely off-line. Or, to expose all your devices. Yes, some VPN client software can kill all traffic if the VPN tunnel fails, but why depend on that. VPN client software is a good match for a second router, one plugged into a LAN port of the main router.
 
I've just setup Wireguard on Amazon's Lightsail (First month Free, $3.50/mo. after that) for testing purposes.

Works like a charm!

Lightsail has a 512Mb Ram, 1Ghz CPU, and 20GB's of Drive space.
I loaded Ubuntu's 20.x server on and installed WG.
Configured it and 'voila.

This is probably for another tread, but does anyone have any idea how much traffic one could run through that Cloud VPN I have set up?

Server specs are the bottom rung, and I was just wondering.

Everything's just passing through that server, so I'd expect it shouldn't become any sort of a 'bottleneck' unless "A LOT" of data is moving through it.

Thoughts? Insights?
 
I don't know Lightsail, but it sounds pretty much like a VPS. You can rent VPS'es of varying power for varying prices. Linode and OVH are just two examples of companies that also do this sort of business. I've heard that Amazon likes to charge per data coming in or out, whereas different VPS companies have different models... some allow you to hit a max and then reduce your bandwidth.