Wireguard
- You can support more guides like this
- Version
- Create Date June 13, 2024
- Last Updated June 13, 2024
- Installation Support Ask Support
-
Number of views
N/A
Fast, modern, secure VPN tunnel
About: https://www.wireguard.com
In this guide i will show how to install Wireguard using Portainerand Docker.
If you already have docker and portainer installed, and you know your user id and group id, skip to Step 5
Follow this guide to install docker: How to install docker
Follow this guide to install portainer: How to install portainer
Follow this guide to connect to your NAS terminal to find your username ID and group ID: How to connect to NAS via terminal using putty
Find your current time zone on this website, as example for Brussels is:
TZ=Europe/Brussels
Open Portainer by typing in your web browser http://yournasip:19000
After you login on Portainer, go to Home, then click on your Local Environment
Go to Stacks and click on Add stack
On the name type wg-easy, select Web editor and paste the code below.
Make sure you replace the PUID and PGID with the values for your user found on Step 3
Make sure you replace the TZ value with the value for your specific zone found on Step 4
Make sure you replace my.ddns.org with your fixed WAN IP Address or your dynamic dns
Make sure you replace the ugreen password with your own password
restart:
you can choose from always, unless-stopped, or on-failure[:number of retries]
version: "3.9" services: wg-easy: container_name: wg-easy environment: - PUID=1000 - PGID=10 - TZ=Europe/Brussels - LANG=en - WG_HOST=my.ddns.org - PASSWORD=ugreen volumes: - /volume1/DockerData/Wireguard:/etc/wireguard ports: - 51820:51820/udp - 51821:51821/tcp cap_add: - NET_ADMIN - SYS_MODULE sysctls: - net.ipv4.conf.all.src_valid_mark=1 - net.ipv4.ip_forward=1 restart: unless-stopped image: ghcr.io/wg-easy/wg-easy
Scroll down and click on Deploy the stack.
If everything goes well, you will get a message that the stack was successfully deployed.
You will see now the container running
In order to be able to access the VPN server from outside, you need now to create a port forward rule on your router.
Here below a picture from my UniFi router (different router have different interface, you have to find yourself where the port forward option is).
In our port forward rule, we need to forward the port 51820/tcp to the IP address of our UGREEN NAS.
Now on your web browser type http://yournasip:51821
and login with your configured password
Now press on New Client, type a name for your client and press on create
Once the client config was created, press on QR code (if you add client on PC, you can press on the download config button. Then this config must be uploaded on Wireguard client on your PC)
Install the Wireguard app on your android phone, press the + icon on the bottom of your screen and select Scan from QR code.
Give a name to your tunnel and press Create Tunnel.
Now turn on the tunnel and you are ready to access your NAS from external connection via VPN.
Now you can access your NAS http://yournasip
and you can see traffic going on through VPN