Mullvad public WireGuard server for testing

Development discussion of WireGuard
 help / color / mirror / Atom feed

From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: "Fredrik Strömberg" <stromberg@mullvad.net>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Mullvad public WireGuard server for testing
Date: Sat, 25 Feb 2017 15:31:12 +0100	[thread overview]
Message-ID: <CAHmME9pL8U9=-BWZJvwjeoDMqhSR6u5V8zhgf4bAa2p56GV6ig@mail.gmail.com> (raw)

Hi Fred,

This is nice to hear. Congratulations on getting it up and running.
That then makes 3 public servers:

1. Mine - https://www.wireguard.io/quickstart/#demo-server
2. Veil - https://veil.nuke.red/
3. Yours

I'm very happy about this!

Those instructions are very thorough, but they're not as simple as
they could be. Instead, I'd recommend you use wg-quick, which takes
care of setting up all the addressing and routing table stuff.

Instead, instruct users to fill in /etc/wireguard/mullvad.conf:

[Interface]
PrivateKey = INSERT_YOUR_PRIVATE_KEY_HERE
Address = INSERT_THE_IP_WE_GIVE_YOU_HERE
ListenPort = 51820

[Peer]
PublicKey = NFSMulKTJvtrlNDozk/plAvtPyUkQktx7SlLt0E7fhQ=
Endpoint = 193.138.219.62:51820
AllowedIPs = 0.0.0.0/0

Then, the next instructions are simply:

$ wg-quick up mullvad
$ wg-quick down mullvad

To turn on and off the VPN, respectively. If you want to add DNS
support, you can easily do that too; check out the man page of
wg-quick(8) for examples on this.

This allows you to get rid of the otherwise extremely complex
instructions regarding default gateways and routing tables and such.
wg-quick uses a more clever trick involving ip-rule, but the user
doesn't have to configure it; it simply just works by itself when
using wg-quick.

I know that as soon as I get my Mullvad credentials setup, I'll
certainly be using wg-quick myself.

Regards,
Jason

PS: Since Mullvad is a commercial organization and doesn't represent
the official direction of the WireGuard open source project, please
include "Mullvad" in your subject lines, rather than "Announcement" or
"[ANNOUNCE]" which are often treated a bit more officially.

next             reply	other threads:[~2017-02-25 14:29 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-25 14:31 Jason A. Donenfeld [this message]
2017-02-25 15:25 ` Fredrik Strömberg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAHmME9pL8U9=-BWZJvwjeoDMqhSR6u5V8zhgf4bAa2p56GV6ig@mail.gmail.com' \
    --to=jason@zx2c4.com \
    --cc=stromberg@mullvad.net \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).