Skip to content

WireGuard VPN

In this article

Information

WireGuard VPN is a fast and secure virtual private network (VPN) protocol. It uses modern cryptographic protocols and algorithms to secure the connection and provides fast and efficient data transfer. WireGuard VPN supports multiple platforms including Linux, Android, iOS, macOS and Windows. It can be integrated into existing network infrastructure.

Getting started after deploying WireGuard VPN

After payment of the order, a notification of the server's readiness for operation will be sent to the e-mail address specified during registration. It will contain the IP address of the VPS, as well as the login and password for connection. Clients of our company manage the equipment in the server control panel and API - Invapi.

Here you can also find the credentials, which can be found either in the Info >> Tags tab of the server control panel or in the email sent to you:

  • Link to access the Wireguard webpanel: in the webpanel tag. The exact link of the form https://{Server_ID_from_Invapi}.hostkey.in comes in the email sent when the server is handed over and is duplicated in the wgui dashboard line of the General Information section of the server;
  • Login: root;
  • Password: Sent to your email address after the server is ready for use following software deployment. Matches the server's root password.

Attention

The service is only available with the root password, which is automatically set when the service is set up. Changing the root password in the operating system does not change the password in the Wireguard UI panel. To change the password in the Panel, use these instructions.

Note

If, when logging into the Wireguard UI web panel, you see login successful but no login occurs, connect to the server via SSH or HTML Console as root and restart the Docker container with the command

docker restart wireguard-ui

Creating a new user

  • Open the control panel of the WireGuard VPN server using the link from the Connection data section;
  • Choose Wireguard Clients in the left menu;
  • Click the New Client button in the upper right corner:

Fill in the required Name field. Do not change the rest of the fields unless necessary: - IP Allocation - is automatically filled; - Allowed IPs - is automatically filled. 0.0.0.0/0 means that access to all network resources will go through the VPN while connecting to a VPN server; - In the Preshared Key item, you can put down the "-" sign. This will disable additional encryption, which is required for resistance to hacking, but at the moment of technological development is not in demand:

  • Click the Submit button;
  • Click the Apply config button in the upper right corner (next to the New Client button).

Attention

You must complete any changes to the user profile using the Apply config button. Without pressing this button, the VPN connection will not work.

The client has been created and the server is waiting for a connection.

Connection to the VPN server

Mac/Windows

  • Install the WireGuard app on your device;
  • Open the control panel of the WireGuard VPN server using the link from the Connection data section;
  • Choose Wireguard Clients in the left menu;
  • Find the right client;
  • Download the configuration file for this client by clicking the Download button:

  • Launch the WireGuard client on your device;
  • Click on the Import tunnels from files button and choose the downloaded configuration file. A new connection will appear with the username specified earlier, the connection status will be Disconnected.
  • Click the Activate button, the status will be changed to Activated.

Attention

In some cases, you may need to restart the local device for the correct operation of the service.

IOS and Android

  • Install the WireGuard app from Google Play Market for Android or AppStore for IOS;
  • Open the control panel of the WireGuard VPN server using the link from the Connection data section;
  • Choose Wireguard Clients in the left menu. Find the right client. Open the QR code of this client by clicking on the QR code button:

  • Open the WireGuard app on your phone;
  • Click the Add tunnel button. Choose the option Create from QR code;
  • Scan the QR code. Name the connection;
  • Allow the application to change the VPN settings by following the phone's prompts;
  • To connect to the VPN server, switch to the on state.

Linux

Download the configuration file and run the command:

sudo nmcli connection import type wineguard file "FILE_NAME.conf"

Using a VPN Server as HTTP Proxy

A server with WireGuard installed can be used as an HTTP proxy server for all popular browsers. You can use your browser's default settings to set up an HTTP proxy connection, or you can take advantage of additional controls of HTTP proxy in browsers, such as SwitchyOmega, ProxMate, Proxy-Switcher, and others.

In this manual, we will analyze the installation and use of SwitchyOmega.

Follow the steps below to install and use SwitchyOmega:

  1. Install the SwitchyOmega extension for the Google Chrome or Mozilla Firefox browser.

  2. Create a proxy server profile in SwitchyOmega:

    • Open the browser and click on the SwitchyOmega icon in the upper right corner of the browser window;
    • Choose New Profile in the menu;
    • Enter the name of the profile in the Profile name field;
    • Choose the type of proxy server in the menu Protocol - HTTP;
    • Enter the internal address of the VPN server 10.252.1.1 and its port 3128 in the appropriate fields;

!!! note "Note" To use HTTP proxy, you first need to connect to a VPN server.

- Press the ~~**Save**~~ button.

  1. Enable the proxy server profile in SwitchyOmega.

    • Click on the SwitchyOmega icon in the upper right corner of the browser window;
    • Choose the previously created proxy server profile in the menu;
    • The proxy server profile should become active and its name should appear at the top of the list in the SwitchyOmega menu.

An example of settings in Google Chrome:

VPN Performance Check

To check the connection to the server, you can enter What is my IP in your browser's search bar or visit whatismyipaddress.com. If a successful connection has been made, the IP address and region will be displayed:

Password change in the Wireguard UI panel

If you want to change your Panel password or have forgotten your Panel password, you can do so by following the steps below:

  • Connect to the server using SSH or HTML Console;

  • Edit the configuration file/data/wgui/users/root.json:

        {
    "username": "admin",
    "Password": "you_password",
    "password_hash": "",
    "admin": true
    }
    - restart the container with the command

    docker restart wireguard-ui

Deployment Features

  • Installation on RHEL 8+ family is possible.
  • Installation time is 15-20 minutes, including OS.
  • Containerized installation of WGUI + SSL in the hostkey.in zone
  • Installed software:
    • Docker CE;
    • Docker Compose.
  • Used containers:
    • ngoduykhanh/wireguard-ui:latest;
    • jonasal/nginx-certbot:latest.
  • Route to compose: - /root/wgui.
  • Route to mounted directories: - /data.
  • To customize the installation, you need to make changes in /root/wgui/compose.yml. Then restart compose via commands: 
docker compose down -f /root/wgui/compose.yml && docker compose up -f /root/wgui/compose.yml -d

Ordering a server with WireGuard using the API

To install this software using the API, follow these instructions