Skip to main content

Wireguard On Kali Linux

What Is Wireguard?


Wireguard is a open-source software application and protocol that implements Virtual Private Network (VPN) Techniques to create secure point-to-point connections in routed or bridged configurations. It is run as module inside the linux kernel and aims for better performance than IPsec and openvpn tunneling protocols.


Getting Started With Wireguard On Kali Linux -

As Wireguard is  added to kali linux repositories, it can be simply Installed with terminal -

 apt install wireguard resolvconf

As the installation completes, next step is to configure wireguard to use it.
So, We Need To generate public/private key pair and set up initial config file -

wg genkey | tee privatekey | wg pubkey > publickey
umask u=rwx,go= && cat > /etc/wireguard/wg0.conf << EOF
[Interface]
Address = 10.222.222.1/24
SaveConfig = true
ListenPort = 51820
PrivateKey = -SERVER PRIVATE KEY-

[Peer]
PublicKey = -CLIENT PUBLIC KEY-
AllowedIPs = 10.222.222.2/32
EOF

 And We Do the Same Process on the client to establish its key pair and config -

wg genkey | tee privatekey | wg pubkey > publickey
umask u=rwx,go= && cat /etc/wireguard/wg0.conf  << EOF
[Interface]
Address = 10.222.222.2/32
PrivateKey = -CLIENT PRIVATE KEY-
DNS = 8.8.8.8

[Peer]
PublicKey = -SERVER PUBLIC KEY-
Endpoint = public.ip.of.server:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21
EOF

It is Pretty Simple to turn off and on the tunnel -

# The VPN can be enabled using
wg-quick up wg0
# To disable the VPN:
wg-quick down wg0
# Information about the connection can be retrieved with following command:
wg show

And of Course, We Need to enable IP masquerade and IP Forwarding on the server -

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward


After this we need Some minor Changes to our configs. First Up on the server we Changed "allowedIPs" line to have the private network on the report site. This would look like so: -

[Interface]
Address = 10.222.222.1/24
SaveConfig = true
ListenPort = 51820
PrivateKey = -SERVER PRIVATE KEY-

[Peer]
PublicKey = -CLIENT PUBLIC KEY-
AllowedIPs = 10.200.200.2/32, 192.168.2.0/24

Now After Changing that One Line on the server, We then tweak the clients "AllowedIPs" line to remove the option to route everything to the VPN Server -

[Interface]
Address = 10.200.200.2/32
PrivateKey = -CLIENT PRIVATE KEY-
DNS = 8.8.8.8

[Peer]
PublicKey = -SERVER PUBLIC KEY-
Endpoint = public.ip.of.server:51820
AllowedIPs = 10.200.200.0/24
PersistentKeepalive = 21

And That's It -

root@kali:~# ping 192.168.2.22
PING 192.168.2.22 (192.168.2.22) 56(84) bytes of data.
64 bytes from 192.168.2.22: icmp_seq=19 ttl=63 time=50.2 ms
64 bytes from 192.168.2.22: icmp_seq=20 ttl=63 time=53.4 ms
64 bytes from 192.168.2.22: icmp_seq=21 ttl=63 time=48.1 ms


Now The VPN Server Can access the subnets on the sides of the wireguard VPN.

Comments

Post a Comment

Popular Posts

Jio Phone 2 Released and Here are it's Specification

Jio Phone 2 mobile was launched in July 2018. The phone comes with a 2.40-inch display with a resolution of 240 x 320 Pixels. It comes with 512MB of RAM. The phone packs 4GB of internal storage that can be extended up to 128GB via a SD card. As far as the cameras are concerned, the Jio Phone 2 has a 2-megapixel primary camera on the rear and a 0.3-megapixel front shooter for selfies. The Jio Phone 2 runs KAI OS and is powered by a 2000mAh. Connectivity options include Wi-Fi, GPS, Bluetooth, NFC and FM.  Jio Has Decided To Set it up on a Price of Rs 3000 and A Promotional Offer has Been Also Started, according to which you can Exchange your old feature phone and get a new Jio Phone 2 only in Rs 500. Here Are It's Specifications - General - Release Date July 2018 Form Factor QWERTY Battery Capacity 2000 mAh Display - Screen Size 2.40 Touch Screen No Resolution 240x320Pixels ...
Post a Comment
Read more

What is Kali Linux an Introduction.

What is a Kali Linux? Kali Linux  is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali Contains Several Hundred Tools which are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering. Kali Linux is Developed, funded and maintained by Offensive Security , a leading information security trading company. Kali linux was released on the 13th March, 2013 as a complete, top-to-bottom rebuild of Backtrack Linux, adhering completely to Debian Development Standards. The Features of Kali Linux are as Follows - More Than 600 Penetration testing tools included Free and always will be Open source Git tree Filesystem Hierarchy Standard Compliant Wide-ranging wireless device support Custom kernel, patched for injection Developed in a secure environment GPG signed packages and repositories Multi-language Support Completely customizable...
Post a Comment
Read more