In this tutorial, we will look at how to set up WireGuard on a Raspberry Pi using PiVPN! Easy instructions that will help you set up the WireGuard VPN.
WireGuard is awesome! Up until WireGuard, the gold standard for VPNs has been OpenVPN, which is still a great VPN option. However, WireGuard is a faster alternative that’s somewhat easier to implement. It also has the benefit of being a lot simpler than OpenVPN, which doesn’t seem important, but it is.
We will focus on how to set up WireGuard on a Raspberry Pi, but if you’re already using OpenVPN, the overall functionality will be similar.
Ultimately, more complex systems have more attack points, so if you care about security, WireGuard might be your answer. In this tutorial, we will look at how to set up WireGuard on a Raspberry Pi, but it’s important to note that you can install WireGuard on various types of devices.
It’s best to run PiVPN and WireGuard on a Raspberry Pi 4, but if you have at least a Raspberry Pi 3 B+, that should be fine. This is because only the Raspberry Pi 3 B+ and Raspberry Pi 4 have gigabit ethernet, which is preferable for PiVPN and WireGuard.
1. How to Set Up WireGuard on a Raspberry Pi
Thanks to a handy script (PiVPN), installing WireGuard VPN Server on a Raspberry Pi is very simple. Generally, you want to ensure the script you’re running is trusted. This is a known and trusted script, but I still urge you to review it. We will look at how to set up WireGuard on a Raspberry Pi below.
1. Open Terminal on your Raspberry Pi and run the command below, which will execute a script to install PiVPN (which has WireGuard built-in).
curl -L https://install.pivpn.io | bash
2. Wait for the process to install the necessary packages. When it’s done, you will be brought to a screen that will inform you that PiVPN will allow you to install OpenVPN or WireGuard on a Raspberry Pi. Select OK.
3. The next screen will inform you that you need to set a static IP address. It’s best to set a static IP address in your router’s settings, as you are ensuring that DHCP does not try and give this address to any other devices.
However, certain routers (mostly ISP provided ones) do not allow you to complete DHCP reservations. If you can’t set a static IP address for your Raspberry Pi in your router, set a static IP address on the Raspberry Pi by following the instructions.
I specified a static IP address in my router so I am going to skip this step.
4. You will now need to select a local user. If you’ve created a different user (outside of the default pi user), you will have the option here.
5. You will be asked to select a VPN type. Select WireGuard.
6. You might be prompted to install the latest kernel update. If you are, select Yes to proceed. If it doesn’t, skip to the next step to proceed.
NOTE: If you need to update the kernel, you will be required to restart this process after your Raspberry Pi reboots (start from step 1).
7. WireGuard will now install.
8. You will be asked to enter the port you’d like to use (default is 51820). It’s probably best to keep it as the default, but if you have a reason to change it, you can do that here.
NOTE: This is UDP port 51820.
9. Select Yes.
10. You now need to select the DNS provider you’d like to use. Select Custom if you’d like to use your own DNS server, or any of the public DNS providers if you don’t want to use a local DNS server.
11. I am using a local Pi-hole DNS server that I already have configured, so I added the IP address there. If you are using a public DNS provider, you can skip this step.
NOTE: The IP addresses (192.168.1.197,192.168.1.198) are my local DNS servers. This will not work for you so ensure you use your local DNS servers or a public DNS provider!
12. The DNS servers that you select will now be listed. Select Yes.
13. You will now be prompted to use your public IP address or public DNS entry. If you have a static IP address, you are free to use this address. However, if you have a dynamic external IP address, you will need to set up DDNS. You can learn how to do that here.
14. If you selected to use a dynamic DNS address, you can enter that information here. At the next screen, select Yes to confirm that it is correct.
15. You will now be prompted that the server keys will be generated. Select OK. The next step will tell you that the VPN Server will check for unattended-upgrades, and a periodic reboot will be required.
This is a great option. Enable unattended-upgrades (unless you have a good reason not to) and proceed. The packages will now install.
16. The installation is now complete! Reboot your system.
1.1 VPN Connection Types – How to Set Up WireGuard on a Raspberry Pi
This section is important for future steps (so you know what kind of profiles you’d like to create). We will be creating either a split-tunnel VPN, full-tunnel VPN, or both in later steps.
Split-Tunnel VPN: Traffic is only sent through your network if it is attempting to access an internal resource. Your IP address when navigating to a site outside of your network will be the IP address of the network that you are currently on.
Full-Tunnel VPN: All traffic is sent through your home network. Your IP address for internal and external requests will be your home network.
I created a very basic image below that explains this, but we will look at how to configure both in later steps. It’s important to note that both connection types will allow you to access your local network. This only shows how traffic is routed differently to external networks.
NOTE: This is not the exact network flow. I am simplifying the process as much as I can.
1.2 Configuration File Changes
The two changes that we will make below are in the wg0 config file. Run these commands to open the config file:
sudo su nano /etc/wireguard/wg0.conf
With the file open, proceed to the next steps.
1.2.1 PostUp & PostDown – How to Set Up WireGuard on a Raspberry Pi
This section is a little tricky because these lines will be mandatory if you’re interested in using a split-tunnel VPN profile. If you are using full-tunnel only, there’s a chance that everything will work without adding the PostUp and PostDown lines to the config file. So in summary, add these lines if you intend on using a split-tunnel VPN profile.
If you only intend on using full-tunnel, you might not need to add these lines as all traffic will be routed through your Raspberry Pi. If you don’t add them and you can’t access local resources or connect to the internet when you’re connected to your VPN, come back to this section and add these two lines.
I will do my best to break down everything in these commands so there’s some sort of explanation as to what these changes do.
- PostUp: command that is executed when you connect to your WireGuard VPN.
- IPTables: What the system should do with certain packets. A table is created with these rules so the system knows what to do when it receives a packet. These are what the different command-line parameters mean.
- Masquerade: IP address will be rewritten from source (wg0) to destination (eth0). In layman’s terms, the traffic appears as if it originates from the Raspberry Pi as opposed to the source device. When traffic comes in and is sent to your client device (where you are connected to the VPN), the traffic will have the destination IP rewritten from eth0 (Raspberry Pi) to wg0 (WireGuard network). You still need a static route if you’d like to access your VPN clients!
- PostDown: command that is executed when you disconnect from your WireGuard VPN to undo everything that we did in the “PostUp” command.
Add these lines to the config file to create an IP table when you connect to WireGuard and masquerade your IP address. NOTE: You might need to change eth0 to be the network interface of your device. However, since you’re using a Raspberry Pi, it’s most likely eth0.
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Save the file and exit!
1.3 VPN Profile Creation – How to Set Up WireGuard on a Raspberry Pi
This is the section where we will create our VPN profiles. I will be creating both, a split-tunnel VPN and full-tunnel VPN, but feel free to only create profiles for the VPN types you’d like.
1. Run the command below to add a profile.
sudo pivpn add
2. Navigate to the configs folder. There will be two config files, one for our split-tunnel profile and one for our full-tunnel.
cd configs
3. By default, WireGuard is configured as full-tunnel. For this reason, we can leave the full-tunnel file alone and edit the split-tunnel file.
nano PiVPN-ST.conf
4. The only change that we have to make here is the AllowedIPs line. By default, AllowedIPs is set as 0.0.0.0/0 which means that all traffic will go through your home network (full-tunnel VPN). To change this so that only local traffic is sent through WireGuard, we need to change this line to our local IP range.
For most people, it will be 192.168.1.0/24 or 192.168.0.0/24. If you aren’t sure what your IP range is, you can look in your router’s configuration under LAN Setup. If you’d like to have VPN clients talk to each other, you need to add the VPN subnet as well (10.6.0.0/24). Change this file to have your local IP range and save it.
5. The configuration file setup process is now complete!
1.4 Persistent Keep-Alive – How to Set Up WireGuard on a Raspberry Pi
WireGuard attempts to be as quiet as possible, meaning that it only sends and receives packets when it needs to. For this reason, clients behind a NAT or firewall might be required to keep the connection alive even when it’s not in use. To do this, you need to make a change in the configuration file.
A scenario where this is normally needed is when you have an off-site server that always needs to stay connected to your VPN server. This line will ensure the connection will not close.
1. Run these commands to open the configuration file.
sudo su nano /etc/wireguard/wg0.conf
2. You will see the VPN profiles that you configured. Add the line below to the profiles where you would like the connection to stay active.
PersistentKeepalive=25
1.5 Port Forwarding – How to Set Up WireGuard on a Raspberry Pi
We now need to port forward UDP port 51820 on our router to our Raspberry Pi. Port forwarding will be completely different on every brand’s router settings page.
This is a great guide that shows how to port forward on a few different brands of routers, but the best thing to do is try and google the name of your router and port forwarding. Example: Netgear port forwarding
- Create a port forwarding rule for UDP port 51820 to your Raspberry Pi’s IP address. In the example below, 192.168.1.30 is the IP address of my Raspberry Pi.
1.6 Static Route Configuration – How to Set Up WireGuard on a Raspberry Pi
This step is not required unless you need to access VPN devices from your home network. This is an old screenshot, so ignore the IP addresses listed and ensure you are putting the correct info into yours.
Your home network and VPN network will be on different subnets which means that your local devices will only be able to talk to the machines on its subnet (VPN network will see both).
In order to have your local network talk to your VPN network (in my case, 192.168.1.X and 10.5.0.X), a static route will need to be configured in your router.
I cannot go over the setup steps for this as each router is different, but below is a screenshot of the static route that I configured. The Gateway IP Address will be the IP address of your Raspberry Pi (since that’s where your VPN is running). The 10.5.0.0/24 subnet is where you will need to enter the IP range you are using (as defined in the WireGuard).
1.7 Accessing/Testing WireGuard Config Files
WireGuard offers applications for almost all devices that you can use. They are fairly basic, but ultimately, you only need to use them to connect to your VPN so there’s no need for them to be complex! We will look at how to set up WireGuard on a Raspberry Pi for mobile and computer applications below!
1.7.1 WireGuard Mobile Application – How to Set Up WireGuard on a Raspberry Pi
One of my favorite WireGuard features is the ability to generate a QR code and scan that code with your phone. It makes everything so much easier. Not that dealing with config files is particularly hard (and there are situations where you will still need to use config files), but taking out your phone and quickly scanning a QR code is awesome.
If you’d like to generate a QR code to scan, it’s pretty easy. First, ensure that you have the WireGuard application installed on your phone or tablet.
1. Run this command to generate a QR code.
pivpn -qr [PROFILE_NAME]
2. A QR code will be generated. Scan this code with your phone, import the profile and you’re done!
NOTE: This QR holds all information to connect to your VPN. Do not share this image with anyone unless you’d like them to get your VPN profile.
There are situations where the QR code does not pass the correct information to the mobile client. Ensure that the information in the mobile client is correct before proceeding.
3. Scan the QR code with the WireGuard smartphone application. Add the new entry and connect using an outside network. You should be able to connect to all of your local resources!
NOTE: If you test the split-tunnel config file, your external IP address should be your cell phone providers and if you test the full-tunnel, it should be your home ISP’s IP address.
1.7.2 Computer Application – How to Set Up WireGuard on a Raspberry Pi
The process we just went over is how to set up WireGuard on a Raspberry Pi using a mobile device, but if you are setting it up on a PC, you will need to copy the config files over to your device and add them to the application. You can download the application for your device here.
NOTE: You don’t need to physically copy the file, you can simply copy the contents of the file and create your own [VPN_PROFILE].conf file if it’s easier.
1.8 WireGuard Performance – How to Set Up WireGuard on a Raspberry Pi
After you install WireGuard on your Raspberry Pi 4 or 3B+, you might feel that the performance isn’t as “fast” as you expected. The reason is because you’re limited by the upload speed of your local network.
For example, if your ISP provides 25Mbps upload speeds, your download speeds through the Raspberry Pi VPN tunnel will be capped at a maximum of 25Mbps (real-world usage will be less).
This doesn’t mean that the performance will be bad, but you will certainly have slower speeds than you would if you were sitting at home on your local network.
2. Conclusion – How to Set Up WireGuard on a Raspberry Pi
This tutorial showed how to set up WireGuard on a Raspberry Pi. If you have an old Raspberry Pi laying around or you’re comfortable buying an additional device, this is a great way to use an awesome VPN product with amazing performance.
Thanks for checking out the tutorial on how to set up WireGuard on a Raspberry Pi. If you have any questions on how to set up WireGuard on a Raspberry Pi, please leave them in the comments! You can also leave them in the comments of the YouTube video if you have any questions on how to set up WireGuard on a Raspberry Pi!
What a great step by step procedure, THANK YOU! I am somewhat of a novice in the the vpn world and your tutorial was just what I needed.
The results of my installation are as stated in Section 8 Item 3 and I can access my files remotely on my phone. So it appears everything is working. I do have a couple questions though.
1. I was surprised to see the home ip address does not change when going to whatismyip.com. After thinking about it though, I believe this is because the duckdns.org ddns is not the vpn server so the home ip would remain unchanged. Am I understanding this correctly?
2. With Split Tunnel and Full Tunnel profiles created, does the PiVPN with Wireguard default to the Full Tunnel mode? If the full tunnel mode throttles my streaming TV, is it possible to switch it to split tunnel and how would I do that?
Glad that it helped!
1. Yes, these are home VPN’s, which means that you use them to access local resources and for that reason, it will appear like you’re home (home IP address) when you’re not actually home.
2. Yes, it will default to full tunnel, but it should be as easy as disconnecting from the full tunnel VPN and connecting to the split tunnel VPN.
Hey WunderTech,
Thanks for the tutorial!
I have followed your tutorial to the letter, but I seem to be having trouble getting a connection through the VPN.
I have setup wireguard, created a profile (FT), copied it across to my android using a QR code. I can activate the connection using the app, and I can see the connection using the -c command, but I am unable to navigate to any websites from my phone while the connection is active.
What could I have done wrong?
Just to confirm, you are on an external network right? Also, have you specified a valid DNS server to use?
Yes and yes, but I think you can ignore me completely. It looks like data transfer is broken on android 12 beta when using a VPN. Explains why it just suddenly stopped working.
Thanks for replying anyway!
Got it – not a problem!
Hi, I have gone through your tutorials, I have set up split tunnel Wireguard pi VPN with free ddns domain and google dns server and not added any route in router. I have created couple of clients and tested the connections. Everything works fine however my VPN client public IP address and location does not change after connecting to VPN. Do you have any idea if I am missing anything?
Thanks in advance!
Hi again, I have read above comments and learn that i need to set up full tunnel connection for that. I can confirm VPN client’s Public IP address and location does change in full tunnel connection. Nice tutorial! thank you very much!
Glad you got it working!
Thank you so much.
Additionally, i go to pihole (on my rasp pi) and edit the settings, specifically the Upstream DNS server, i choose: “Listen to all interfaces, allow all origings”.
This is to keep a second router with a DHCP function working properly. Wireguard installation changes this setting without notice.
Is the second router giving out IP addresses to a different subnet?
I have two questions (preface: I am a complete newbie)
-I would like to use this setup as my VPN server instead of Synology+OpenVPN. The Synology NAS and the Raspberry Pi will be on the same local network. If I understood right, I would need to install a client only if I am trying to enter the VPN remotely, correct? So I don’t need to setup anything on the NAS. Is this right?
-Is it possible to use the same raspberry as the DNS server and VPN server?
1. That is correct. You will set up the VPN server on the Pi, connect to it whenever you’re outside of your local network, and then you’ll be able to access all local resources (including your NAS).
2. You can, though I believe that the setup is slightly different. There are a few tutorials online I believe, but following the two tutorials I have for them might not work properly (since they’re both occupying the same Raspberry Pi).
Thank you very much! I really appreciate the work you do, you saved me a lot of time!
Thanks for the kind words, glad that the information helps!
I’m using Adguard on my Raspberry Pi, and I want to set up wireguard by PiVPN.
Adguard Home works if I set the DNS up.
For PiVPN, I set it up with mostly the default setting by clicking OK to the next step.
I’ve forward my port (should be correctly set up but not so sure), and added those two lines you mentioned. Though once I connected the VPN, I couldn’t connect to the Internet.
Anything I could do to resolve this problem?
Also, where could I send my debug message privately?
When you set up WireGuard, what are you using as the DNS server? Are you sure that it’s an internet issue and not a DNS issue? I haven’t run WireGuard + AdGuard Home, but a bunch of people run WireGuard + Pi-hole so I don’t think that would be the problem.
Hi WunderTech,
Thanks for replying. I tried your tutorial on port forwarding, though found out that seems not working on my router. Here is how I set it:
Local External
IP Address Start Port End Port IP Address Start Port End Port Prot Description Enabled
192.168.0.18 51820 51820 192.168.0.18 51820 51820 BOTH Yes
I used http://www.portchecktool.com and put in 192.168.0.18. Seems not a valid port.
I tried a few DNS servers: Google, my home IP address, 192.168.0.18. Though none of those worked out.
Any suggestions?
Best,
Zhenyu
The port that you’ll have to check is 51820 – the 192.168.0.18 is the IP address. However, you sent me a TCP port checker and WireGuard uses UDP. So I would use this site instead: https://www.ipvoid.com/udp-port-scan/
Google “what is my IP”, and put your external IP address in the first line of “IPv4 Address”, then put 51820 in as the second. Agree to the terms and you can see if it’s open.
It says:
Port Type Status Service
51820 UDP Open|filtered unknown
PLAT=Raspbian
OSCN=buster
USING_UFW=0
IPv4dev=eth0
dhcpReserv=1
IPv4addr=192.168.0.18/24
IPv4gw=192.168.0.1
install_user=pi
install_home=/home/pi
VPN=wireguard
pivpnPORT=51820
pivpnDNS1=192.168.0.18
pivpnDNS2=
pivpnHOST=my external IP address here.
Am I setting up correct?
Also, here is one of my wireguard profile for my computer:
[Interface]
PrivateKey =
Address = 10.6.0.2/24
DNS = 192.168.0.18
[Peer]
PublicKey =
PresharedKey =
Endpoint = MyExternalIPAddress:51820
AllowedIPs = 0.0.0.0/0, ::0/0
From this info, it looks correct – other than DNS. Are you running a DNS server at 192.168.0.18? If not, change that to something public (like 8.8.8.8 or 1.1.1.1) and test again.
Is there a way to troubleshoot the following issue. On a raspberry piW with pihole and unbound, decided to follow the full tutorial and it went well. But, when I activated wireguard from my mobile device and scaned the qr code it could not reach anything on the internet. And i could not connect to my pc with duckdns. I sudo -u pivpn and I will try installing it again in case i missed a step but I am not sure i know where the fault lies. Is there a chance to be a router issue?
WireGuard has a bug (some versions of it, at least) where the QR code doesn’t always work. Can you open your mobile app and ensure that the correct information was properly passed to the application?
Well, I did and after i changed dns to 1.1.1.1, i was able to reach the internet but still i am anable to connect from the outside to my ddns. And i checking through putty the sudo wg situation, there isn’t a handshake as it should. I am rather troubled by all of this….
I am a little confused on what you mean by “connect from the outside to my DDNS”? DDNS ensures that the domain name being used is always updated with your external IP address. Typing that into a web browser won’t necessarily do anything unless you’re exposing something on your local network (via port forwarding).
Well yes, for that reason I have opened a port. So in theory it should give me the ability to connect to my system/server with wireguard at least for pihole on the go. It doesnt though and i am perplexed.
What is your goal for using WireGuard? You want a full-tunnel VPN connection that will use Pi-hole as DNS? This shouldn’t be too difficult to get working, but if 1.1.1.1 worked as your DNS server, then it’s a Pi-hole issue. What are you setting as the DNS server when you try and get Pi-hole working?
Hi WunderTech,
Thanks for your help above. Though when I changed my DNS server as Google, when I created a PiVPN profile, and added to my device. My device could not connect to the Internet as before.
Here is my PiVPN debug report:
::: Generating Debug Output
:::: PiVPN debug ::::
=============================================
:::: Latest commit ::::
Branch: master
Commit:
Author: Orazio
Date: Wed Sep 15 17:52:17 2021 +0200
Summary: Important change to custom MTU handling (mainly to fix issue #1357)
=============================================
:::: Installation settings ::::
PLAT=Raspbian
OSCN=buster
USING_UFW=0
IPv4dev=eth0
IPv4addr=192.168.0.18/24
IPv4gw=192.168.0.1
install_user=pi
install_home=/home/pi
VPN=wireguard
pivpnPORT=51820
pivpnDNS1=8.8.8.8
pivpnDNS2=8.8.4.4
pivpnHOST=REDACTED
INPUT_CHAIN_EDITED=0
FORWARD_CHAIN_EDITED=0
pivpnPROTO=udp
pivpnMTU=1420
pivpnDEV=wg0
pivpnNET=10.6.0.0
subnetClass=24
ALLOWED_IPS=”0.0.0.0/0, ::0/0″
UNATTUPG=1
INSTALLED_PACKAGES=()
=============================================
:::: Server configuration shown below ::::
[Interface]
PrivateKey = server_priv
Address = 10.6.0.1/24
MTU = 1420
ListenPort = 51820
### begin zwu-sam ###
[Peer]
PublicKey = zwu-sam_pub
PresharedKey = zwu-sam_psk
AllowedIPs = 10.6.0.2/32
### end zwu-sam ###
=============================================
:::: Client configuration shown below ::::
[Interface]
PrivateKey = zwu-sam_priv
Address = 10.6.0.2/24
DNS = 8.8.8.8, 8.8.4.4
[Peer]
PublicKey = server_pub
PresharedKey = zwu-sam_psk
Endpoint = REDACTED:51820
AllowedIPs = 0.0.0.0/0, ::0/0
=============================================
:::: Recursive list of files in ::::
::::[4m/etc/wireguard shown below ::::
/etc/wireguard:
configs
keys
wg0.conf
/etc/wireguard/configs:
clients.txt
zwu-sam.conf
/etc/wireguard/keys:
server_priv
server_pub
zwu-sam_priv
zwu-sam_psk
zwu-sam_pub
=============================================
:::: Self check ::::
:: [OK] IP forwarding is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] WireGuard is running
:: [OK] WireGuard is enabled (it will automatically start on reboot)
:: [OK] WireGuard is listening on port 51820/udp
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: https://docs.pivpn.io/faq
=============================================
:::: WARNING: This script should have automatically masked sensitivity ::::
:::: information, however, still make sure that PrivateKey, PublicKey ::::
:::: and PresharedKey are masked before reporting an issue. An example key ::::
:::: that you should NOT see in this log looks like this: ::::
:::: YIAoJVsdIeyvXfGGDDadHh6AxsMRymZTnnzZoAb9cxRe ::::
=============================================
:::: Debug complete ::::
:::
::: Debug output completed above.
::: Copy saved to /tmp/debug.log
:::
There’s nothing that I see that’s out of the ordinary. When you connect to WireGuard (even if it doesn’t work), can you check to see if the client is connected through the terminal?
Hi WunderTech,
Appreciate again for your help.
After connecting to the wireguard VPN on my laptop, I could still not connect to the Internet.
Here is the VPN profile on my laptop:
[Interface]
PrivateKey =
Address = 10.6.0.3/24
DNS = 8.8.8.8, 8.8.4.4
[Peer]
PublicKey =
PresharedKey =
Endpoint = My_IP_Address:51820
AllowedIPs = 0.0.0.0/0, ::0/0
I figured when I connect the VPN, the listening port is 54851.
And data only shows sent out, not receiving.
Anything I did wrong over these setups?
When you say that the listening port is 54851, did you change that? Generally, that should be 51820 which matches what the client is connecting to.
No, I didn’t change the listening port. And I realized it changed every time I connect the WireGuard VPN.
That is most likely the issue, however, I am not sure why it keeps changing. The listening port and server port should both be the same (51820).
First of all thanks for all the time you are taking to troobleshoot. Well, a full or split tunnel vpn with wireguard using pi-hole/unbound as dns and have the ability of remote access. My setting is a custom 127.0.0.1#5335 and i think pi-hole is working.
Glad to try and help! Is Unbound working without WireGuard connected? If it is, what do you have set as the DNS address for the WireGuard client?
Yes it does work without it cause i had set it about a month prior. You don’t mean the duckdns adress or i understand something wrong? A lot of steps were done by pivpn and maybe i have missed something!
From what I’ve read (haven’t tried it myself), the process is not as simple as just setting up WireGuard and Unbound separately. Have you searched Google to see how to implement it? I’m afraid that following both of my tutorials would mean that one or the other would work, but not both at the same time.
Ahh this then poses an entire different set of issues i hadn’t realise they exist. Thank you i’ll try and find a solution for that and come back with my findings or pihole and wireguard alone 😛
Hi there,
I have been trying to setup Wireguard VPN on Raspberry pi 4GB using PiVPN. The process is successful when using LAN (my raspberry LAN ip is different from eth0 ip). But when I used the eth0 to set it up (meaning I connect the raspberry pi to my router with a cable) I can’t get the VPN to work. I have also changed the Port forwarding IP on my router according to LAN/eth0 IP. Am I doing anything wrong? I just want to do this thinking that it would improve the internet speed!
Thank you for your help!
When you say that the Eth0 IP is different than the LAN IP address, what exactly do you mean? Are you using Wi-Fi or anything? Generally, the LAN IP address and the Eth0 IP address should be the same.