WireGuard VPN¶
In this article
Information
WireGuard VPN is a fast and secure virtual private network (VPN) protocol. It uses modern cryptographic protocols and algorithms to secure the connection and provides fast and efficient data transfer. WireGuard VPN supports multiple platforms including Linux, Android, iOS, macOS and Windows. It can be integrated into existing network infrastructure.
Getting started after deploying WireGuard VPN¶
After payment of the order, a notification of the server's readiness for operation will be sent to the e-mail address specified during registration. It will contain the IP address of the VPS, as well as the login and password for connection. Clients of our company manage the equipment in the server control panel and API - Invapi.
Here you can also find the credentials, which can be found either in the Info >> Tags tab of the server control panel or in the email sent to you:
- Link to access the Wireguard webpanel: in the webpanel tag. The exact link of the form
https://{Server_ID_from_Invapi}.hostkey.in
comes in the email sent when the server is handed over and is duplicated in thewgui dashboard
line of the General Information section of the server; - Login:
root
; - Password: Sent to your email address after the server is ready for use following software deployment. Matches the server's
root
password.
Attention
The service is only available with the root
password, which is automatically set when the service is set up. Changing the root password in the operating system does not change the password in the Wireguard UI panel. To change the password in the Panel, use these instructions.
Note
If, when logging into the Wireguard UI web panel, you see login successful
but no login occurs, connect to the server via SSH or HTML Console as root
and restart the Docker container with the command
Creating a new user¶
- Open the control panel of the WireGuard VPN server using the link from the Connection data section;
- Choose Wireguard Clients in the left menu;
- Click the
New Clientbutton in the upper right corner:
Fill in the required Name field. Do not change the rest of the fields unless necessary: - IP Allocation - is automatically filled; - Allowed IPs - is automatically filled. 0.0.0.0/0
means that access to all network resources will go through the VPN while connecting to a VPN server; - In the Preshared Key item, you can put down the "-" sign. This will disable additional encryption, which is required for resistance to hacking, but at the moment of technological development is not in demand:
- Click the
Submitbutton; - Click the
Apply configbutton in the upper right corner (next to theNew Clientbutton).
Attention
You must complete any changes to the user profile using the Apply config button. Without pressing this button, the VPN connection will not work.
The client has been created and the server is waiting for a connection.
Connection to the VPN server¶
Mac/Windows¶
- Install the WireGuard app on your device;
- Open the control panel of the WireGuard VPN server using the link from the Connection data section;
- Choose Wireguard Clients in the left menu;
- Find the right client;
- Download the configuration file for this client by clicking the
Downloadbutton:
- Launch the WireGuard client on your device;
- Click on the
Import tunnels from filesbutton and choose the downloaded configuration file. A new connection will appear with the username specified earlier, the connection status will be Disconnected. - Click the
Activatebutton, the status will be changed to Activated.
Attention
In some cases, you may need to restart the local device for the correct operation of the service.
IOS and Android¶
- Install the WireGuard app from Google Play Market for Android or AppStore for IOS;
- Open the control panel of the WireGuard VPN server using the link from the Connection data section;
- Choose Wireguard Clients in the left menu. Find the right client. Open the QR code of this client by clicking on the
QR codebutton:
- Open the WireGuard app on your phone;
- Click the
Add tunnelbutton. Choose the optionCreate from QR code; - Scan the QR code. Name the connection;
- Allow the application to change the VPN settings by following the phone's prompts;
- To connect to the VPN server, switch to the on state.
Linux¶
Download the configuration file and run the command:
Using a VPN Server as HTTP Proxy¶
A server with WireGuard installed can be used as an HTTP proxy server for all popular browsers. You can use your browser's default settings to set up an HTTP proxy connection, or you can take advantage of additional controls of HTTP proxy in browsers, such as SwitchyOmega, ProxMate, Proxy-Switcher, and others.
In this manual, we will analyze the installation and use of SwitchyOmega.
Follow the steps below to install and use SwitchyOmega:
-
Install the SwitchyOmega extension for the Google Chrome or Mozilla Firefox browser.
-
Create a proxy server profile in SwitchyOmega:
- Open the browser and click on the SwitchyOmega icon in the upper right corner of the browser window;
- Choose New Profile in the menu;
- Enter the name of the profile in the Profile name field;
- Choose the type of proxy server in the menu Protocol -
HTTP
; - Enter the internal address of the VPN server
10.252.1.1
and its port3128
in the appropriate fields;
!!! note "Note" To use HTTP proxy, you first need to connect to a VPN server.
- Press the ~~**Save**~~ button.
-
Enable the proxy server profile in SwitchyOmega.
- Click on the SwitchyOmega icon in the upper right corner of the browser window;
- Choose the previously created proxy server profile in the menu;
- The proxy server profile should become active and its name should appear at the top of the list in the SwitchyOmega menu.
An example of settings in Google Chrome:
VPN Performance Check¶
To check the connection to the server, you can enter What is my IP
in your browser's search bar or visit whatismyipaddress.com. If a successful connection has been made, the IP address and region will be displayed:
Password change in the Wireguard UI panel¶
If you want to change your Panel password or have forgotten your Panel password, you can do so by following the steps below:
-
Connect to the server using SSH or HTML Console;
-
Edit the configuration file
- restart the container with the command/data/wgui/users/root.json
:
Deployment Features¶
- Installation on RHEL 8+ family is possible.
- Installation time is 15-20 minutes, including OS.
- Containerized installation of WGUI + SSL in the hostkey.in zone
- Installed software:
- Docker CE;
- Docker Compose.
- Used containers:
- ngoduykhanh/wireguard-ui:latest;
- jonasal/nginx-certbot:latest.
- Route to compose: -
/root/wgui
. - Route to mounted directories: -
/data
. - To customize the installation, you need to make changes in
/root/wgui/compose.yml
. Then restart compose via commands:
Ordering a server with WireGuard using the API¶
To install this software using the API, follow these instructions.