+++ title = "Wireguard Gateway & Android" date = 2019-07-07T02:02:05+02:00 author = "MH" cover = "" tags = ["VPN", "Wireguard", "Android", "Setup"] description = "Setup a Linux Wireguard Gateway and connet with Android" showFullContent = false draft = true +++ # Setup your Linux Server Your Linux Server should be reachable throu an public via UDP. If the IP address changes then DynDNS works just fine. First **install WireGuard** on your Linux server. On the official website you will find the right way for your Linux distro: [WireGuard.com/install](https://www.wireguard.com/install/) Then **configure** the Gateway. We will use the 100.64.0.0/10 range (RFC 6598) because it wont colide with private IPv4 adresses (RFC 1918). echo '[Interface]' > /etc/wireguard/wg0.conf echo "PrivateKey = $(wg genkey)" >> /etc/wireguard/wg0.conf echo 'ListenPort = 50002' >> /etc/wireguard/wg0.conf echo "Address = 100.64.0.1/10" >> /etc/wireguard/wg0.conf iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE systemctl enable --now wg-quick@wg0 && systemctl status wg-quick@wg0 To get the public key type: wg pubkey <<<$(grep PrivateKey /etc/wireguard/wg_obermui.conf | cut -d ' ' -f3) # Setup your Android Download the App from [F-Droid](https://f-droid.org/en/packages/com.wireguard.android/) or [Google Play](https://play.google.com/store/apps/details?id=com.wireguard.android). use [ABC].jgp to explane # Add Android Client to Server [Peer] >> /etc/wireguard/wg0.conf PublicKey = >> /etc/wireguard/wg0.conf AllowedIPs = 100.64.0.101/32 >> /etc/wireguard/wg0.conf systemctl restart wg-quick@wg0 && ystemctl status wg-quick@wg0 ________________________________ # Sources look at https://www.wireguard.com/quickstart/ use config from ct (heise) https://www.heise.de/select/ct/2019/5/1551091519824850 Witepaper https://www.wireguard.com/papers/wireguard.pdf Demo Video https://video.obermui.de/videos/watch/5009724a-a670-4130-bc99-4ab820773da6