Jump to content
TorGuard
Code

WireGuard Configuration Files

Rate this topic

Recommended Posts

Code

Admin,

Hi there.

When can we expect (approximately) the option to use WireGuard configuration files for the servers listed in the Global VPN Network List (https://torguard.net/network/), for example:

 

Quote

# TorGuard WireGuard Config
[Interface]
PrivateKey = PrivateKey
ListenPort = 0
DNS = 0
Address = 127.0.0.1

[Peer]
PublicKey = PublicKey
AllowedIPs = 0.0.0.0/0
Endpoint = 127.0.0.1:123
PersistentKeepalive = 0

 

The only WireGuard enabled servers right now for those who don't use TorGuard's Client are the dedicated ones, and that list is quite small. Users like me who configure their routers directly don't have much to choose from, and being able to pick a server from a closer location will likely improve the overall speed and ping response times.

It will be awesome to use the same WireGuard servers included in the TorGuard Client (I'm assuming they're the same ones listed in the Global VPN Network List).

Thanks.

Code.

  • Like 1

Share this post


Link to post
Share on other sites
uNc

Attention support:

Yes, please advise when the wireguard conf files can be downloaded for manual configuration as noted by Code in the post above.

Regards.

  • Like 1

Share this post


Link to post
Share on other sites
schwartzenheimer

I've asked this question multiple times, and I have yet to get a useful answer. So again: 

When will configuration files for routers be available, and where?

I'll reserve my thanks until I get a useful answer. This is getting old...

  • Like 1

Share this post


Link to post
Share on other sites
Code

I was holding off making my original question because the TorGuard Client wasn't WireGuard ready yet.

Now that it is (oops, people are waiting for the mobile version and there are others things to be done; I almost spoke too soon), I hope that support for WireGuard without the official client is made available soon (I'm assuming there isn't much work to be done, but I could be wrong).

TorGuard's WireGuard dedicated servers (I've only tested one so far) are pretty fast. My ping responses could do better.

Oh, and WireGuard port forwarding will also be nice to have (inside and outside the official client).

Code.

Share this post


Link to post
Share on other sites
Deanosim

Yeah It'll be good once they actually let us download the configuration files and the key, currently the only way to connect to Wireguard for both normal and dedi IP's is with their special client because they refuse to give out the keys.

Share this post


Link to post
Share on other sites
19807409

if anybody would look up in the log files, you would have seen that on each start torguard creates new public key:

	sudo /usr/bin/wg show torguard-wg dump
	

your public key is:

	AAAAAAAAAAAAAAAAAAAAAAAAAA/BBBBBBB/CCCCCCCC=    YOURPUBLICKEYDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD=    59496    off
TORGUARDSERVERPUBLICKEYEEEEEEEEEEEEEEEEEEEE=    (none)    TORGUARDIP:1443    0.0.0.0/0    1599674399    11524196    558820    15
	

This will show you your public key. Then you can type in your browser for a test (you will need to authentificate with your VPN credentials):

	https://TorGuardServerIPorDomain:1443/api/v1/setup?public-key=
	

 

And copy those settings which you need for connecting to shared servers

	server_public_key
    "TORGUARDSERVERPUBLICKEYEEEEEEEEEEEEEEEEEEEE= "
server_ipv4
    "10.14.0.1/16"
client_ipv4    "10.14.102.149/32"
routes    "0.0.0.0/0"
dns    
0    "10.9.0.1"
1    "10.8.0.1"
vpn_server_address    "TORGUARDIP"
vpn_server_port    WIREGUARDPORT
	

 

For more info check your log and maybe ask support for more info, I am not sure that I am posting something that torguard is ok with, so I think I'll just stop on this point ;).

For port forwarding, we all have to wait torguard to apply it on their side,, there is no config allowing it.

  • Thanks 1

Share this post


Link to post
Share on other sites
Code
17 hours ago, 19807409 said:

if anybody would look up in the log files, you would have seen that on each start torguard creates new public key:

 

	sudo /usr/bin/wg show torguard-wg dump
	

 

your public key is:

 

	AAAAAAAAAAAAAAAAAAAAAAAAAA/BBBBBBB/CCCCCCCC=    YOURPUBLICKEYDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD=    59496    off
TORGUARDSERVERPUBLICKEYEEEEEEEEEEEEEEEEEEEE=    (none)    TORGUARDIP:1443    0.0.0.0/0    1599674399    11524196    558820    15
	

 

This will show you your public key. Then you can type in your browser for a test (you will need to authentificate with your VPN credentials):

 

	https://TorGuardServerIPorDomain:1443/api/v1/setup?public-key=
	

 

 

And copy those settings which you need for connecting to shared servers

 

	server_public_key
    "TORGUARDSERVERPUBLICKEYEEEEEEEEEEEEEEEEEEEE= "
server_ipv4
    "10.14.0.1/16"
client_ipv4    "10.14.102.149/32"
routes    "0.0.0.0/0"
dns    
0    "10.9.0.1"
1    "10.8.0.1"
vpn_server_address    "TORGUARDIP"
vpn_server_port    WIREGUARDPORT
	

 

 

For more info check your log and maybe ask support for more info, I am not sure that I am posting something that torguard is ok with, so I think I'll just stop on this point ;).

For port forwarding, we all have to wait torguard to apply it on their side,, there is no config allowing it.

 

Nice finding, but I won't be doing this since TorGuard hasn't made it available publicly yet. 😇

Code.

Share this post


Link to post
Share on other sites
19807409
16 minutes ago, Code said:

Nice finding, but I won't be doing this since TorGuard hasn't made it available publicly yet. 😇

Thanks, maybe I would suggest to add wireguard to tools where you can create config files for openvpn for different OS's.

I doubt anything will change on what I posted above, if, then on backend. For a router, at least on openwrt (probably on any wrt based),  you can create new keys and get api info on each router reboot and then use those until next reboot

Share this post


Link to post
Share on other sites
uNc
5 minutes ago, 19807409 said:

Thanks, maybe I would suggest to add wireguard to tools where you can create config files for openvpn for different OS's.

I doubt anything will change on what I posted above, if, then on backend. For a router, at least on openwrt (probably on any wrt based),  you can create new keys and get api info on each router reboot and then use those until next reboot

Yoh, awesome stuff,,,,I however cannot find my way forward with these two parts:   (of course I know NOT what I'm doing)

https://TorGuardServerIPorDomain:1443/api/v1/setup?public-key=

sudo /usr/bin/wg show torguard-wg dump

Tried on a mac, any suggestions?

Thanks.

Share this post


Link to post
Share on other sites
19807409
3 hours ago, uNc said:

Tried on a mac, any suggestions?

Sadly I can not really reply it with knowing if I understood the question, I assume I did

lets assume you ant to connect to torguard server IP 123.123.123.123, wireguard port 1443 and  your public key is ABCD1234=, then the URL would be:

	https://123.123.123.123:1443/api/v1/setup?public-key=ABCD1234=
	

For sudo /usr/bin/wg show torguard-wg dumpyou have to know where your wireguard bin is, normally you can run it without /usr/bin/ prefix, and sudo is proably self explaining, if you run terminal as root you do not have to use sudo.

For mac I really am not sure where wg bin is, best way for you to check it would be to enable debugging in torguard client, then check your log, all those steps are there and you can see it all.

 

If you have created already some interface or there is torguard-wg, then you can use that public key too, you do not have to recreate one each time but for security and privacy I would advise to do so. ou can run simply

	wg show
	

to show your interface as well as you can print current torguard-wg config with

	wg showconf torguard-wg
	

 

To export it to a file in same folder where you are, run

	wg showconf torguard-wg > torguard-wg.conf
	

 

hope it helps

 

Share this post


Link to post
Share on other sites
D66IXNN5

Thanks, 19807409! I just followed that API link and used it to set up Wireguard in the iOS Wireguard app. There's no need to wait for TorGuard to release their update now.

  • Like 1

Share this post


Link to post
Share on other sites
uNc
9 minutes ago, D66IXNN5 said:

Thanks, 19807409! I just followed your API instructions to set up Wireguard in the iOS Wireguard app. There's no need to wait for TorGuard to release their update now.

Brilliant....If not already, 19807409 should be the chief systems engineer in charge at Torguard!

Share this post


Link to post
Share on other sites
Redback813
On 9/10/2020 at 10:38 PM, uNc said:

Yoh, awesome stuff,,,,I however cannot find my way forward with these two parts:   (of course I know NOT what I'm doing)

https://TorGuardServerIPorDomain:1443/api/v1/setup?public-key=

sudo /usr/bin/wg show torguard-wg dump

Tried on a mac, any suggestions?

Thanks.

On a a Mac Catalina system

Instead of "sudo /usr/bin/wg show torguard-wg dump" since wg" WG does not exist by default in the /usr/bin folder, nor in the /local/bin either, so try instead,

"/Applications/TorGuard.app/Contents/Helpers/wg" For this to work it seem you need to start up torguard app, hope this helps.

Usage: /Applications/TorGuard.app/Contents/Helpers/wg <cmd> [<args>]

Available subcommands:
  show: Shows the current configuration and device information
  showconf: Shows the current configuration of a given WireGuard interface, for use with `setconf'
  set: Change the current configuration, add peers, remove peers, or change peers
  setconf: Applies a configuration file to a WireGuard interface
  addconf: Appends a configuration file to a WireGuard interface
  syncconf: Synchronizes a configuration file to a WireGuard interface
  genkey: Generates a new private key and writes it to stdout
  genpsk: Generates a new preshared key and writes it to stdout
  pubkey: Reads a private key from stdin and writes a public key to stdout

 

  • Thanks 1

Share this post


Link to post
Share on other sites
19807409
On 9/26/2020 at 9:41 AM, uNc said:

Brilliant....If not already, 19807409 should be the chief systems engineer in charge at Torguard!

Haha,  thx, I doubt ;), TorGuard has some really skilled people, they just cant do everything, time is the only restriction we devs normally have ;). Your post actually motivated me to share something unfinished so you guys can play with, this enables wireguard and torguard usage on I think every openwrt device, since years I waited that maybe torguard will release something like luci-app-torguard, seems I will be quicker, however, all this is just a scratch coding and finding actually what the best way would be to configure configs and scripts so that everybody can read and maintenance it. Enjoy as it lasts ;), and btw, I am not involved with TorGuard, maybe only in the way that I brought a bunch of customers, but not more ;)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...