2019-07-07 00:12:17 +00:00
+++
2019-07-07 01:36:48 +00:00
title = "Wireguard Gateway & Android"
2019-07-07 00:12:17 +00:00
date = 2019-07-07T02:02:05+02:00
author = "MH"
cover = ""
tags = ["VPN", "Wireguard", "Android", "Setup"]
2019-07-07 01:36:48 +00:00
description = "Setup a Linux Wireguard Gateway and connet with Android"
2019-07-07 00:12:17 +00:00
showFullContent = false
draft = true
+++
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
# Setup your Linux Server
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
Your Linux Server should be reachable throu an public via UDP.
If the IP address changes then DynDNS works just fine.
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
First **install WireGuard** on your Linux server. On the official website you will find
the right way for your Linux distro:
[WireGuard.com/install ](https://www.wireguard.com/install/ )
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
Then **configure** the Gateway.
We will use the 100.64.0.0/10 range (RFC 6598) because it wont colide with private IPv4 adresses (RFC 1918).
2019-07-07 00:15:06 +00:00
2019-07-07 01:40:44 +00:00
echo '[Interface]' > /etc/wireguard/wg0.conf
echo "PrivateKey = $(wg genkey)" >> /etc/wireguard/wg0.conf
echo 'ListenPort = 50002' >> /etc/wireguard/wg0.conf
echo "Address = 100.64.0.1/10" >> /etc/wireguard/wg0.conf
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE
2019-07-07 01:40:44 +00:00
systemctl enable --now wg-quick@wg0
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
To get the public key type:
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
wg pubkey < < < $(grep PrivateKey /etc/wireguard/wg_obermui.conf | cut -d ' ' -f3)
2019-07-07 00:15:06 +00:00
2019-07-07 01:40:44 +00:00
Now the Gateway is configured and running. To get som Information checkout wg and systemd:
systemctl status wg-quick@wg0
wg show
2019-07-07 01:36:48 +00:00
# Setup your Android
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
Download the App from [F-Droid ](https://f-droid.org/en/packages/com.wireguard.android/ ) or [Google Play ](https://play.google.com/store/apps/details?id=com.wireguard.android ).
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
use [ABC].jgp to explane
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
# Add Android Client to Server
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
[Peer] >> /etc/wireguard/wg0.conf
PublicKey = < Client-Pub-Key > >> /etc/wireguard/wg0.conf
AllowedIPs = 100.64.0.101/32 >> /etc/wireguard/wg0.conf
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
systemctl restart wg-quick@wg0 & & ystemctl status wg-quick@wg0
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
________________________________
2019-07-07 00:15:06 +00:00
2019-07-07 01:36:48 +00:00
# Sources
look at
https://www.wireguard.com/quickstart/
2019-07-07 00:29:27 +00:00
2019-07-07 01:36:48 +00:00
use config from ct (heise)
https://www.heise.de/select/ct/2019/5/1551091519824850
2019-07-07 00:29:27 +00:00
Witepaper https://www.wireguard.com/papers/wireguard.pdf
2019-07-07 01:36:48 +00:00
Demo Video https://video.obermui.de/videos/watch/5009724a-a670-4130-bc99-4ab820773da6