Return to

SoftEther guide? Wireguard Guide?

Does anyone have a KISS method guide for setting up SoftEther Server on Fedora?

What about a Wireguard one? I dont want to have to already know the Client IP address. I want to set it up so that I can just plug in the VPN server’s info on the client machine wherever I am and connect.

I also want to bind it to a specific network interface.

At the risk of sounding like a Linux elitist who alienates new users… I don’t have a guide but maybe some pointers.

For wireguard in particular I found that distros tend to ship systemd unit files that wrap wireguard interface configs (one config file per interface). Start by installing the packages that wireguard website tells you to, and look for example files installed that you can use as a template. They kind of look like .ini files. Each interface can have multiple other peers/endpoints. You can then systemctl enable wg@cfg_name or some such thing.

Once it’s up, you’d need to assign it an IP through whatever mechanism you normally use for static IPs on your host (networkmanager most likely). And if you want anything other than host to host you’ll need to setup routing and firewalling as you normally would on a machine with multiple network interfaces on your distro, (possibly involving nat).
I’m not sure about bridging, but I don’t think DHCP will work, as wireguard only ships ip packets, not Ethernet frames.

Each side of the wireguard tunnel will need to have its own private key, and public key for the otherside (peer); they can be generated on the command line in Fedora or in the Android app. (Wireguard website has examples)

There’s also allowed_ips setting, where wireguard can drop packets from the otherside based on src ip, you can use there to whitelist everything.

You’ll need more things, probably port forwarding on your home router, probably some kind of dynamic DNS setup, probably some kind of nat or routing setup.

If you found a good guide in the meantime, post it here.

Use Algo. It also installs and configures wireguard, which is what I use.