WireGuard VPN

Installation

Linux: see Wireguard on Linux

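Create keys

# new files are owner-only, so the private key is never group/world-readable
umask 077
cd /etc/wireguard
# print the private key on the terminal and the public key on stdout
wg genkey | tee /dev/tty | wg pubkey
# or, if you want to output to file:
wg genkey | tee privkey | wg pubkey > pubkey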

Config

Server

/etc/wireguard/wg0.conf
[Interface]
PrivateKey = <server privkey>
Address    = <server address>/24
ListenPort = 5226
PostUp     = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown   = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
SaveConfig = true

Peer

/etc/wireguard/wg0.conf
[Interface]
Address = <peer IP address>/24
PrivateKey = <peer privkey>
 
[Peer]
PublicKey = <server pubkey>
Endpoint = <server IP or hostname>:5226
AllowedIPs = 0.0.0.0/0

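Add peer

# takes effect immediately; with SaveConfig = true it is written back to wg0.conf when the interface goes down
wg set wg0 peer "$(cat clients/<peer>_public.key)" allowed-ips <peer IP>/32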
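
An added example, not part of the original page: a small audit of the directory set up above. It flags private-key material that group or other can access, and server-side peers whose AllowedIPs is wider than the single /32 used in the add-peer step. The function names `wg_audit` and `wg_audit_demo` are hypothetical; GNU `stat` is assumed, and a file containing a `ListenPort` line is treated as a server config.

```sh
#!/bin/sh
# Added example, not from the original page: audit a WireGuard directory.
#   PERM  file holding a private key is accessible by group or other
#   WIDE  server-side [Peer] whose AllowedIPs is wider than a single host
# Assumptions: GNU stat (Linux); a file with a ListenPort line is a server config.

wg_audit() (
    dir=${1:-/etc/wireguard}; rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        secret=0
        case ${f##*/} in *priv*) secret=1 ;; esac
        grep -Eiq '^[[:space:]]*PrivateKey[[:space:]]*=' "$f" && secret=1
        if [ "$secret" -eq 1 ]; then
            mode=$(stat -c %a "$f")
            # any group/other permission bit set is a finding
            if [ $(( 0$mode & 077 )) -ne 0 ]; then
                echo "PERM $f mode=$mode"; rc=1
            fi
        fi
        grep -Eiq '^[[:space:]]*ListenPort[[:space:]]*=' "$f" || continue
        awk -v f="$f" '
            /^[ \t]*\[/ { sec = tolower($1) }
            sec == "[peer]" && tolower($0) ~ /^[ \t]*allowedips[ \t]*=/ {
                sub(/^[^=]*=[ \t]*/, "")
                n = split($0, ip, /[ \t]*,[ \t]*/)
                for (i = 1; i <= n; i++)
                    if (ip[i] ~ /\// && ip[i] !~ /\/(32|128)[ \t]*$/) {
                        print "WIDE " f " AllowedIPs=" ip[i]; bad = 1
                    }
            }
            END { exit bad + 0 }' "$f" || rc=1
    done
    exit "$rc"   # exits only the function's subshell
)

# Constructed sample: a server config like the one above, left world-readable,
# with one peer that claims the whole /24 instead of a single /32.
wg_audit_demo() {
    d=$(mktemp -d)
    printf '%s\n' '[Interface]' 'PrivateKey = CONSTRUCTED' 'ListenPort = 5226' \
        '[Peer]' 'PublicKey = A' 'AllowedIPs = 10.0.0.2/32' \
        '[Peer]' 'PublicKey = B' 'AllowedIPs = 10.0.0.0/24' > "$d/wg0.conf"
    chmod 644 "$d/wg0.conf"
    status=0; wg_audit "$d" || status=$?
    rm -rf "$d"
    return "$status"
}

wg_audit_demo || true
```

Against a real host, call `wg_audit /etc/wireguard` as root; the exit status is non-zero when anything is flagged.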

Tutorials

Public servers

Windows

A kernel-mode implementation has been available since August 2021 and is enabled by default.

Tools