Configuring WireGuard with netplan
Server Network
Published: 2021-04-29

Here’s a note on setting up WireGuard using netplan. I couldn’t find many Japanese articles on this topic.

Tested on Ubuntu 20.04.

Server Side

  • Generating private and public keys
# umask 077
# wg genkey | tee private.key | wg pubkey > public.key
  • netplan configuration
network:
  tunnels:
    wg0:
      mode: wireguard
      key: <Generated private.key>
      port: 50000                    # UDP port number to listen on
      addresses: [ 192.168.2.1/30 ]  # IP address for wg0
      peers:
        - allowed-ips: [0.0.0.0/0]
          keepalive: 25
          keys:
            public: <Client's public.key>

Client Side

  • Generating private and public keys
# umask 077
# wg genkey | tee private.key | wg pubkey > public.key
  • netplan configuration
network:
  tunnels:
    wg1:
      mode: wireguard
      key: <Generated private.key> 
      port: 50000
      addresses: [ 192.168.2.2/30 ]
      peers:
        - allowed-ips: [0.0.0.0/0]
          endpoint: XXX.XXX.XXX.XXX:50000  # Server to connect to
          keepalive: 25
          keys:
            public: <Server's public.key> 

It was simpler to configure than using wg.conf. However, note that in my experience, the connection seems to drop momentarily every time I apply netplan.
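
A check for the two configurations above, as an added example that is not part of the original post: both put the private key directly in the netplan YAML and use allowed-ips 0.0.0.0/0, so the YAML needs the same protection as private.key, and each peer is accepted from any source address. The function name `audit_wg_netplan` and the finding labels are made up for this example; it assumes GNU stat (as on Ubuntu) and relies on netplan also accepting an absolute path to a key file in `key:` with the systemd-networkd backend.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): audit a netplan file that
# defines a WireGuard tunnel as above. Function and finding names are made up.

# Prints one finding per line; returns 0 if clean, 1 if flagged, 2 if unreadable.
audit_wg_netplan() {
    local file="$1" rc=0 mode
    [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 2; }

    # A WireGuard key is 32 bytes: 43 base64 characters followed by '='.
    # A path to a key file does not match this pattern.
    if grep -Eq '^[[:space:]]*(key|private):[[:space:]]*"?[A-Za-z0-9+/]{43}="?[[:space:]]*(#.*)?$' "$file"; then
        echo "INLINE_KEY: private key is stored in the YAML itself"
        rc=1
        # With the key inline, the YAML is as sensitive as private.key.
        mode=$(stat -c '%a' "$file")    # GNU stat, prints e.g. 644
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "OPEN_MODE: mode $mode lets group or others access the key"
        fi
    fi

    # Only the flow-style list used above (allowed-ips: [ ... ]) is recognised.
    if grep -Eq '^[[:space:]-]*allowed-ips:.*/0([^0-9]|$)' "$file"; then
        echo "WIDE_ALLOWED_IPS: a /0 prefix accepts any source address from this peer"
        rc=1
    fi
    return "$rc"
}

# Constructed sample: the server layout from above with a dummy all-zero key.
demo() {
    local tmp key rc=0
    tmp=$(mktemp)
    key=$(head -c 32 /dev/zero | base64)    # 43 'A' characters plus '='
    printf '%s\n' 'network:' '  tunnels:' '    wg0:' '      mode: wireguard' \
        "      key: $key" '      peers:' '        - allowed-ips: [0.0.0.0/0]' \
        '          keys:' "            public: $key" > "$tmp"
    chmod 644 "$tmp"
    audit_wg_netplan "$tmp" || rc=$?
    rm -f "$tmp"
    return "$rc"
}

demo || true
```

On a point-to-point /30 like the one above, narrowing the server's allowed-ips to the client's tunnel address (192.168.2.2/32) and running `chmod 600` on the YAML clears the last two findings.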