WireGuard configuration options

The [Interface] config option for the local device running the tunnel Used as [Interface]

Address This config option defines the addresses for the device being configured. It goes under ...

ListenPort is a config option for hard programming a port to bind to, this is typically used on r...

The PrivateKey config option defines the private key for the node you are configuring. Not much e...

The DNS config flag sets the DNS servers for use with the tunnel, and is generally set on devices...

The Table flag is crucially important for use with more advanced setups, like passing BGP traffic...

The MTU flag as you would probably guess sets the MTU of the tunnel, it's default is 1420 or what...

PreUp is used to run a command before your tunnel interface is brought up. This command can also ...

Similar to Preup PostUp is used to run commands, but PostUp runs after the tunnel is up and runni...

The PreDown command is used to run commands on request the tunnel be destroyed/brought down, it's...

The PostDown similar to the others is the inverse of PostUp and will run commands on the successf...

[Peer] is used for defining the VPN settings for a remote node capable of routing traffic for one...

Defines the public IP:port of a remote peer or device. Do not include this for devices that sit b...

AllowedIPs defines any IP ranges for which the device will be routing or passing traffic for. Cli...

This config option is used to define the public key of the remote node! to find out how to get th...

PersistentKeepalive is used for devices that are behind nats or other restrictive firewalls to pr...