Skip to main content

Wireguard

I had two goals I wanted to accomplish with VPNs.

  1. I first wantedneed to redirect all outbound traffic from a specific subnet through a VPN so any client on that subnet would have increasedits privacy.privacy Myprotected secondby goalthe wasVPN.

    to
    2. allow

  2. Allow me to VPN into my home network from somewheresomehwere else and have access to everything as if I was sitting on my computer at home.

    To
    3. accomplish
this

Both of them could have been accomlished with any VPN most likely but I usedwent a new exciting addition the Linux kernelwith WireGuard. since it is a simple and fast VPN whose setup is similar to SSH so it was inuitive for me to setup.

Host Setup

To use Wireguard inside of a LXC container the host has to have Wireguard installed since LXC guests are run with the kernel of the host system. Wireguard was first mainlined into the Linux kernel in version 5.6 so with kernel versions using 5.6 or later it is already built in. Anything before 5.6 that doesn't specifically have Wireguard backported in will need to use kernel modules to get it working. Wireguard.com has detailed instructions on how to install it on nearly any platfomr you'd want to install it onto.

Guest Setup

Additionally I need the wireguard-tools package in the LXC guest.

Back to top