Wireguard setup

Hi folks, hope we’re all well!
My VPN provider supports wireguard so I’d like to give it a go
With openvpn it’s a simple task to import the config; I don’t get this option with wireguard?
There is the option of a setting up a ‘virtual wireguard’ connection but I don’t think this is what I want
also looked at the arch wiki and it specifically mentions folder /etc/wireguard which doesn’t exist
I have installed wireguard-tools
Thanks!

with Networkmanager or nmtui
https://blogs.gnome.org/thaller/2019/03/15/wireguard-in-networkmanager/

yeah that what I tried to do but under VPN options, i only get ‘OpenVPN’ or ‘Import a saved VPN configuration’…
PS there is actually a wireguard folder but I get ‘access denied’

I can see a WireGuard connection type when using nm-connection-editor:

I think that’s the one you want. :wink:

yes boss, I already said 'There is the option of a setting up a ‘virtual wireguard’ connection ’ :wink:
BUT if you continue a bit further , the ‘Automatically connect to a VPN’ wants to use an existing config!!??


Is anybody actually using this???

1 Like

If you don’t need to connect to a VPN first then don’t tick that option?

right I’ve currently got some openvpn configs that I use fine!!
BUT I want to create a wireguard VPN from scratch…this is the config file I have from my provider
[Interface]
PrivateKey = keykeykey
ListenPort = 51820
Address = 10.100.1.153/32
DNS = 10.100.0.1

[Peer]
PublicKey = keykeykey
PresharedKey = keykeykey
AllowedIPs = 0.0.0.0/0
Endpoint = x.x.x.x:port
PersistentKeepalive = 25

So something like this:

?

ok I can set all that up but how do I actually use it???
with the VPN configs I just click on my network icon, select the relevant connection and bish bash bosh I’m in!

Why not set it up and then see how it works?

If you have questions about how to use the VPN service then the VPN provider support might be good people to ask…

I have, methinks I’m not as daft as you think here :laughing: :wink:

this is help from my VPN provider, i guess they can’t provide comprehensive support for all linux flavors…
Note: Ubuntu 19.10 was taken as an example.

1. First of all, you need to create the WireGuard® configuration file in your User Office. To do this, follow the instructions described in this manual.

2. Create the WireGuard® repository:

sudo add-apt-repository ppa:wireguard/wireguard

3. Install the WireGuard® packages:

sudo apt install wireguard

Install the resolv.conf package:

sudo apt install resolvconf

4. Go to the WireGuard® directory and create the wg0.conf file:

cd /etc/wireguard

5. Copy the WireGuard® configurations, you received in your User Office, and paste it to the wg0.conf file using your text editor:

nano wg0.conf

6. Turn on your WireGuard® connection and enjoy fast and reliable web surfing:

systemctl start wg-quick@wg0

7. If you want to keep your WireGuard® connection ON at the system startup, print the following command:

systemctl enable wg-quick@wg0

8. Turn off the WireGuard® connection using the command:

systemctl stop wg-quick@wg0

9. If you want to turn the autostart off use the command:

systemctl disable wg-quick@wg0

OK - so when you are connected to the WireGuard interface via nm-applet you are connected to the WG network. When you are not connected, then you are not.

If you want to shunt all traffic over the interface then set up your routes appropriately.

that’s the thing I can’t just right click and connect…or left click or anything
that’s why I wanted a ‘wireguard VPN’ in my ‘VPN list’ :grimacing:
Screenshot_2020-08-07_13-42-06

PS if you’re the same jonathon that posts on the manjaro forums it’s good to see your here…
And either way thanks for your input!
I binned manjaro over a year ago now when I felt they were on the brink of trying to sell me something :upside_down_face: :rofl:

Tick the “Connect automatically” box. Confirm with wg:

# wg
interface: wg0
  public key: bv3+yWC+xHlM6ioF8sBk+PvwE3bBTu+95JHRQlvSVgI=
  private key: (hidden)
  listening port: 42453

peer: Vf5rpdeedrRk79s+wVG4bI0ZLXTO/V53+HbmxL3ybBE=
  endpoint: x.x.x.x:51820
  allowed ips: 192.168.2.0/24
  latest handshake: 1 minute, 59 seconds ago
  transfer: 8.55 KiB received, 8.09 KiB sent
1 Like

ah cool that worked!
so if I now change the 10.x IP range to the 192.x range that I actually use we might have a runner!?

1 Like

my browser still thinks I’m in France…
think I’ll have to rtfm on wireguard and routing…maybe this 10.x ip address is the one the VPN provider is expecting to see me on??

Yes. Use the IP address the provider has given you.

how do I kill the connection and restart it?
edit: just disconnect your ethernet :smiley: