2.2 KiB
+++ title = "Wireguard Gateway & Android" date = 2019-07-07T02:02:05+02:00 author = "MH" cover = "" tags = ["VPN", "Wireguard", "Android", "Setup"] description = "Setup a Linux Wireguard Gateway and connet with Android" showFullContent = false draft = true +++
Setup your Linux Server
Your Linux Server should be reachable throu an public via UDP. If the IP address changes then DynDNS works just fine.
First install WireGuard on your Linux server. On the official website you will find the right way for your Linux distro: WireGuard.com/install
Then configure the Gateway. We will use the 100.64.0.0/10 range (RFC 6598) because it wont colide with private IPv4 adresses (RFC 1918).
echo '[Interface]' > /etc/wireguard/wg0.conf
echo "PrivateKey = $(wg genkey)" >> /etc/wireguard/wg0.conf
echo 'ListenPort = 50002' >> /etc/wireguard/wg0.conf
echo "Address = 100.64.0.1/10" >> /etc/wireguard/wg0.conf
iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o eth0 -j MASQUERADE
systemctl enable --now wg-quick@wg0
To get the public key type:
wg pubkey <<<$(grep PrivateKey /etc/wireguard/wg_obermui.conf | cut -d ' ' -f3)
Now the Gateway is configured and running. To get som Information checkout wg and systemd:
systemctl status wg-quick@wg0
wg show
Setup your Android
Download the App from F-Droid or Google Play.
use [ABC].jgp to explane
Add Android Client to Server
[Peer] >> /etc/wireguard/wg0.conf
PublicKey = <Client-Pub-Key> >> /etc/wireguard/wg0.conf
AllowedIPs = 100.64.0.101/32 >> /etc/wireguard/wg0.conf
systemctl restart wg-quick@wg0 && ystemctl status wg-quick@wg0
Sources
look at https://www.wireguard.com/quickstart/
use config from ct (heise) https://www.heise.de/select/ct/2019/5/1551091519824850
Witepaper https://www.wireguard.com/papers/wireguard.pdf
Demo Video https://video.obermui.de/videos/watch/5009724a-a670-4130-bc99-4ab820773da6