• You can support more guides like this Click to Donate
  • Version
  • Create Date June 13, 2024
  • Last Updated June 13, 2024
  • Installation Support Ask Support
  • Number of views

Fast, modern, secure VPN tunnel

About: https://www.wireguard.com

In this guide i will show how to install Wireguard using Portainerand Docker.

If you already have docker and portainer installed, and you know your user id and group id, skip to Step 5

Follow this guide to install docker: How to install docker

Follow this guide to install portainer: How to install portainer

Follow this guide to connect to your NAS terminal to find your username ID and group ID: How to connect to NAS via terminal using putty

Find your current time zone on this website, as example for Brussels is:


Open Portainer by typing in your web browser http://yournasip:19000

After you login on Portainer, go to Home, then click on your Local Environment

Go to Stacks and click on Add stack

On the name type wg-easy, select Web editor and paste the code below.

Make sure you replace the PUID and PGID with the values for your user found on Step 3
Make sure you replace the TZ value with the value for your specific zone found on Step 4
Make sure you replace my.ddns.org with your fixed WAN IP Address or your dynamic dns
Make sure you replace the ugreen password with your own password

restart: you can choose from alwaysunless-stopped, or on-failure[:number of retries]

version: "3.9"
        container_name: wg-easy
          - PUID=1000
          - PGID=10
          - TZ=Europe/Brussels
          - LANG=en
          - WG_HOST=my.ddns.org
          - PASSWORD=ugreen
            - /volume1/DockerData/Wireguard:/etc/wireguard
            - 51820:51820/udp
            - 51821:51821/tcp
            - NET_ADMIN
            - SYS_MODULE
            - net.ipv4.conf.all.src_valid_mark=1
            - net.ipv4.ip_forward=1
        restart: unless-stopped
        image: ghcr.io/wg-easy/wg-easy

Scroll down and click on Deploy the stack.

If everything goes well, you will get a message that the stack was successfully deployed.

You will see now the container running

In order to be able to access the VPN server from outside, you need now to create a port forward rule on your router.
Here below a picture from my UniFi router (different router have different interface, you have to find yourself where the port forward option is).
In our port forward rule, we need to forward the port 51820/tcp to the IP address of our UGREEN NAS.

Now on your web browser type http://yournasip:51821 and login with your configured password

Now press on New Client, type a name for your client and press on create

Once the client config was created, press on QR code (if you add client on PC, you can press on the download config button. Then this config must be uploaded on Wireguard client on your PC)

Install the Wireguard app on your android phone, press the + icon on the bottom of your screen and select Scan from QR code.
Give a name to your tunnel and press Create Tunnel.

Now turn on the tunnel and you are ready to access your NAS from external connection via VPN.

Now you can access your NAS http://yournasip and you can see traffic going on through VPN

User Reviews
You are not allowed to post review.
Posted in .