Wireguard .. "

On FreeBSD wireguard is implemented in go.

Software installation

Using freebsd, poudriere all done and running, repositories pointing the right ways, this is easy. All I have to do is a simple

$ sudo pkg install -y wireguard

This gifts me the installation of two packages, wireguard-go, the main thing and wireguard which does have the /usr/local/bin/wg command, but more importantly, it has the /usr/local/bin/wg-quick which takes a ... kind of simple config file and feeds it to wg.

Server Side

In /usr/local/etc/wireguard/server.conf on the server, I've got the following. is the servers IP on the tun interface with the listed peers

PrivateKey = serverprivate
ListenPort = 51820
Address    =

PublicKey  = clientpublic
AllowedIPs =
PersistentKeepalive = 25

Client Side

Very similar to the server, in /usr/local/etc/wireguard/client.conf, and is the clients IP in the wireguard tunnel.

PrivateKey = clientprivate
Address    =

PublicKey  = serverpublic
Endpoint   =
AllowedIPs =
PersistentKeepalive = 25 is the IP of the listening server


comments powered by Disqus