WireGuard Config Generator

Generate server and client configurations

Set up your own VPN

Instructions to set up a WireGuard Server

These are minimal instructions to quickly get a WireGuard server up and running:

  • Create a Debian or Ubuntu based server with the following software and configuration:

    sudo apt updatesudo apt install wireguard iptables -ysudo sysctl -w net.ipv4.ip_forward=1
  • Update 'Server Host' with the IP or DNS of the server at a minimum. When edited, this tool will immediately update the configuration and QR code.
  • Copy the generated server configuration to the clipboard and save it in the '/etc/wireguard/server.conf' file on the server.
  • Bring up the WireGuard interface on the server:

    sudo wg-quick up server
  • Download the zip file containing all configuration files to use with the official WireGuard client app. Alternatively, scan the QR code here on the official WireGuard mobile app.

Notes on the usage of this tool:

  • Any edits immediately update all configurations and QR codes.
  • To regenerate keys, reload this page.
  • Each line from the PostUp (or PreDown) textarea creates a single PostUp (or PreDown) in the generated server configuration.
  • eth0 may not always be the interface name on host; for example, it could be enp1s0. If so, change interface name in the default PostUp and PreDown rules.
Server
[Interface] Address = 10.10.1.1 ListenPort = 51820 PrivateKey = loading PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE PostUp = ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -I POSTROUTING -o eth0 -j MASQUERADE PreDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE PreDown = ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [Peer] PublicKey = loading AllowedIPs = 10.10.1.2/32
Client 1
[Interface] Address = 10.10.1.2 PrivateKey = loading DNS = 1.1.1.1 [Peer] Endpoint = server-dns-or-ip:51820 PublicKey = loading AllowedIPs = 0.0.0.0/0, ::/0 PersistentKeepalive = 25