Wireguard VPN Server- Has anyone set one up, say at home?

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.
  • Larger Font Styles
    Guest:

    Just a quick heads-up that I've implemented larger font variants of our forum's light and dark page styles. You can select the style of your choice by scrolling to the footer of any page here. This might be more comfortable (it is for me) for those with high-resolution displays where the standard fonts, while permitting a lot of text to fit on the screen, might be uncomfortably small.

    (You can permanently dismiss this notification with the “X” at the upper right.)

    /Steve.

GregM

Member
Dec 6, 2020
15
2
Pretty much as the subject line states.

Without completely understanding what I am saying here . . . I was thinking that I could set up a Linux Machine and then, via Virtualbox, launch a WireGuard Server that I would leave running constantly.
I'd then use that WireGuard Server to remote into my internal network.

I'm guessing I'd have to set up port forwarding in the router to the WireGuard Server (not sure how else I'd be able to get to it otherwise).

Something like that.

I'm curious to know if anyone else has had any luck doing something like this, and how they went about it.
 

JulioHM

Active member
Oct 25, 2020
35
14
Just a thought, but maybe spinning up an entire virtual machine dedicated to Wireguard might not be the most efficient setup. Wireguard is baked into the most recent kernel versions, so it's mostly a native Linux feature by now. It is very lightweight. You just need to install the CLI tools to manage it. A lot of tutorials are available today.


At home, you will need to fowared UDP ports to the Wireguard service. Probably easier to keep those fixed and statically routed.
 

wandored

New member
Oct 16, 2020
1
0
I set it up on my edgeRX router. Very easy to setup. However, I really have not had to many opportunities to use it.
 

GregM

Member
Dec 6, 2020
15
2
Thanks JulioHM for the link! That's way better than running a VM to act as a server:

<Quote>

IP forwarding

uncomment the following line by removing the # at the beginning of the line.

Code:
net.ipv4.ip_forward=1

Once done, save the file and exit the editor.

<End Quote>

I like that A LOT!
 

ScruffyDan

Member
Sep 23, 2020
10
3
Hey ScruffyDan, thanks for the link.

This could come in handy actually. I have a buddy that a first gen USG. Do you know if Wiregard would be able to run on this gateway?


That is what I run it on. it works great!
 

Dotline

New member
Dec 1, 2020
1
0
I have installed it today on a VPS, if you want to do it on your home/local network, you will probably have to have a device (lets say a raspberry pi) that has to be always on. I can help you with installation, it is a bit weird to set up and add users to be honest but once you figure it out its very good.
 

MichaelRSorg

Well-known member
Nov 1, 2020
60
6
RouterSecurity.org
The Beryl (GL-MT1300) from GL.iNet was just introduced. Its a small travel router that runs OpenWRT and sells for $70. It supports WireGuard. I *assume* the client side rather than the server, but you can install apps, so maybe? a server too? I have not used it, just an FYI.
 

MrObvious

Paul
Sep 23, 2020
14
0
Has anyone tried setting up a Wireguard VPN server on OpenWRT? I'm wondering if putting on the router is a bad idea? Usually it's a good idea to have dedicated devices for dedicated purposes if possible.
 

MichaelRSorg

Well-known member
Nov 1, 2020
60
6
RouterSecurity.org
Running VPN software, be it client or server, on a router is a bad idea, in my opinion. To begin with, there is CPU overhead. As for a server, it means poking a hole in the router firewall. As for client software, there is the decreased speed every VPN entails that now impacts all devices rather than just one or two. More importantly, you don't want a VPN failure to knock you completely off-line. Or, to expose all your devices. Yes, some VPN client software can kill all traffic if the VPN tunnel fails, but why depend on that. VPN client software is a good match for a second router, one plugged into a LAN port of the main router.
 

GregM

Member
Dec 6, 2020
15
2
I've just setup Wireguard on Amazon's Lightsail (First month Free, $3.50/mo. after that) for testing purposes.

Works like a charm!

Lightsail has a 512Mb Ram, 1Ghz CPU, and 20GB's of Drive space.
I loaded Ubuntu's 20.x server on and installed WG.
Configured it and 'voila.

This is probably for another tread, but does anyone have any idea how much traffic one could run through that Cloud VPN I have set up?

Server specs are the bottom rung, and I was just wondering.

Everything's just passing through that server, so I'd expect it shouldn't become any sort of a 'bottleneck' unless "A LOT" of data is moving through it.

Thoughts? Insights?
 

PHolder

Well-known member
Sep 16, 2020
637
2
312
Ontario, Canada
I don't know Lightsail, but it sounds pretty much like a VPS. You can rent VPS'es of varying power for varying prices. Linode and OVH are just two examples of companies that also do this sort of business. I've heard that Amazon likes to charge per data coming in or out, whereas different VPS companies have different models... some allow you to hit a max and then reduce your bandwidth.