How to setup a Wireguard VPN for free!
Go grab a free account if you haven’t already signed for one from Azure or you could use your AWS free compute hours with a small EC2 instance.
Create a the small VM that fits in the free price range
Set the networking rules to allow ANY traffic TCP/UDP over port 51820 (Wireguard really only used UDP though I am pretty sure). In azure you would do this by creating the Free VM (which can be created with a few clicks from that link after creating your account). Then once the VM is created and ready you and you have a status of “Your deployment is complete” you can open the “Deployment details” section and click on the Resource link of Type “Microsoft.Compute/virtumachines”.
In the left sidebar there will be a link for Networking. Click this.
On the networking page click “Add Inbound port rule”.
Create a rule with the following:
Source: Any Source port range: * Destination: Any Desitnation port range: 51820 Protocal: Any Action: Allow PriorityL 380 Name: Port_51820 Description: Wireguard
SSH into your VM.
Run the following:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
- Now if you are using the OSX Wireguard App you will create a new “empty tunnnel” by clicking the bottom left plus button. Paste in the following replacing
with your VM IP and then replace with the value from the clientprivatekey file. will be replaced with the Server Public Key:
1 2 3 4 5 6 7 8 9 10 11
- After replacing the values I mentioned and copying this into the Wireguard OSX App you will have a Client Public Key generated. It will be right above the text box you paste the configuration into. Take this value and replace
with it. Replace with the Server Private Key that was printed out in the last set of commands you ran on the VM. The run the following on your VM:
1 2 3 4 5 6 7 8 9 10 11 12 13 14
You may also want to setup a firewall on your VM by running:
1 2 3
This is optional.
- It is time to start the Wiregaurd server. Run this on your VM:
1 2 3
Note: after every change to your /etc/wiregaurd/wg0.conf file you will need to bring the wiregaurd service down and back up again:
- You should now be able to go back to you Wireguard client and activate the connection. Google “What Is My IP” and verify that your IP has changed. You could then also try checking if you have DNS Leaks. Note that I am using Cloudflare DNS. I believe for a really secure VPN you would want to install DNS on your VPN as well but I have not bothered to attempt that yet.