Secure Remote Access to Raspberry Pi via VPN (WireGuard)
=========================================================

1. Set Up a VPN Server (WireGuard) on Raspberry Pi
--------------------------------------------------
- Update and install WireGuard:
    sudo apt update && sudo apt upgrade -y
    sudo apt install wireguard -y
- Generate WireGuard keys:
    umask 077
    wg genkey | tee privatekey | wg pubkey > publickey
- Configure WireGuard interface:
    sudo nano /etc/wireguard/[Link]
  Add the following configuration:
    [Interface]
    Address = [Link]/24
    PrivateKey = <paste the private key here>
    ListenPort = 51820

    [Peer]
    PublicKey = <client's public key>
    AllowedIPs = [Link]/32
- Enable and start WireGuard:
    sudo systemctl enable wg-quick@wg0
    sudo systemctl start wg-quick@wg0

2. Set Up Port Forwarding on Your Router
-----------------------------------------
- Forward UDP port 51820 (WireGuard default) to the Raspberry Pi's local IP.
  Example: External Port 51820 → Internal IP [Link] → Internal Port 51820

3. Install WireGuard on Client Devices
---------------------------------------
- For Windows/Mac/Linux: Download from [Link]
- For iOS/Android: Install the WireGuard app from the App Store or Google Play.

4. Configure the Client Device
-------------------------------
- Generate client keys on the Raspberry Pi:
    wg genkey | tee client_privatekey | wg pubkey > client_publickey
- Add the client as a peer on the server:
  Edit /etc/wireguard/[Link] and add:
    [Peer]
    PublicKey = <client public key>
    AllowedIPs = [Link]/32
  Restart WireGuard:
    sudo systemctl restart wg-quick@wg0
- Create a client configuration file:
    [Interface]
    PrivateKey = <client private key>
    Address = [Link]/32

    [Peer]
    PublicKey = <server public key>
    Endpoint = <your public IP or DDNS>:51820
    AllowedIPs = [Link]/0, ::/0

5. Connect and Test the VPN
----------------------------
- Import the client configuration into the WireGuard app.
- Connect to the VPN.
- Test SSH or VNC by connecting to [Link] (the Raspberry Pi VPN IP).

6. Secure and Maintain
-----------------------
- Enable a firewall on the Raspberry Pi:
    sudo ufw allow 51820/udp
    sudo ufw enable
- Monitor VPN connections:
    sudo wg show
- Keep Raspberry Pi software up to date:
    sudo apt update && sudo apt upgrade -y
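
A pre-flight check for the server configuration built in steps 1 and 4, as an added example that is not part of the original guide: it flags a config file readable by group/other, key fields still holding template text, and two [Peer] sections that repeat a PublicKey or an AllowedIPs entry. The function name audit_wg_conf, the finding labels, and the sample keys and 10.99.0.x addresses are constructed for illustration.

```shell
# Added example: audit a wg-quick style config. Prints one finding per line;
# returns 0 when clean, 1 otherwise. (Names and labels are hypothetical.)
audit_wg_conf() {
    conf=$1
    # The file holds a private key, so group/other must have no access
    # (the reason the guide sets umask 077 before generating keys).
    perms=$(ls -ld -- "$conf" | cut -c5-10)
    findings=$(
        [ "$perms" = "------" ] || echo "PERMS: group/other can access $conf"
        awk '
            function trim(s) { gsub(/^[ \t]+|[ \t\r]+$/, "", s); return s }
            /^[ \t]*(#|$)/ { next }                 # skip comments and blanks
            /^[ \t]*\[/    { section = trim($0); next }
            {
                eq = index($0, "="); if (!eq) next
                key = trim(substr($0, 1, eq - 1))
                val = trim(substr($0, eq + 1))
                # Template text such as <client public key> left in place.
                if (key ~ /Key$/ && val ~ /^</) { print "PLACEHOLDER: " key " in " section; next }
                if (section != "[Peer]") next
                if (key == "PublicKey" && seen_key[val]++)
                    print "DUP_PEER: " val
                if (key == "AllowedIPs") {
                    # An allowed IP belongs to one peer; a repeat moves it to the later [Peer].
                    n = split(val, nets, ",")
                    for (i = 1; i <= n; i++)
                        if (seen_net[trim(nets[i])]++)
                            print "DUP_ALLOWEDIPS: " trim(nets[i])
                }
            }
        ' "$conf"
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}
# Constructed sample: private key never pasted in, second peer reuses the first address.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Interface]
PrivateKey = <paste the private key here>
[Peer]
PublicKey = CONSTRUCTED-LAPTOP-KEY=
AllowedIPs = 10.99.0.2/32
[Peer]
PublicKey = CONSTRUCTED-PHONE-KEY=
AllowedIPs = 10.99.0.2/32
EOF
audit_wg_conf "$sample" || true; rm -f "$sample"
```

Run it with sudo against the server configuration before restarting wg-quick@wg0, so a copied [Peer] block that still carries the previous client's address is caught before it takes that address away from the earlier peer.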