Streisand: Anyone knows how to using wireguard client on macOS

Created on 11 Oct 2017  路  14Comments  路  Source: StreisandEffect/streisand

I knew how to configure wireguard client on Linux, but how to on macOS, just install wireguard from brew and used command to launch?

Most helpful comment

@HougeLangley @cpu

I've been using macOS for a while to connect to my streisand wireguard server, and it seems to be working fine so far.

But take into account that the official wireguard userland tools for macOS are still considered experimental, so you may expect crashes or unexpected behaviour. If you're OK with that, you can test it following these steps:

  1. Follow the official Wireguard instuctions to install the user space tools using brew.
  2. Download one of the client configuration files from your Streisand server and copy it to /usr/local/etc/wireguard/ (or /etc/wireguard/). You'll need to create the directory first.
  3. Launch the client with sudo wg-quick up INTERFACE . Replace INTERFACE with the name of the configuration filed you copied to etc (without the extension). For instance, if your config file is viable-wall.conf you'll start the vpn executing sudo wg-quick up viable-wall.
  4. To stop the vpn run sudo wg-quick down viable-wall

All 14 comments

WireGuard isn't available on macOS :c

To expand on @alimakki's answer (Thanks!) - Wireguard is implemented as a Linux kernel module presently. There is active work being done to create a userland version that could be used for non-Linux operating systems (OSX, Windows, etc) and for devices that can't easily insert kernel modules (Android phones, etc). None are available presently but hopefully over the next year or so there will be better Wireguard options for non-Linux clients :-)

But I see wireguard could be install on macOS.

https://www.wireguard.com/install/

@HougeLangley You'll note the OSX download says "tools" in light grey font while the other Linux downloads say "module & tools". I believe the OSX download only gives you the few small userland utilities that Wireguard ships to interact with the kernel module. There's no kernel module for OSX so the tools aren't very useful except (I suspect) to the folks that are working on building userland alternatives to the kernel module.

experimental effort here https://tunsafe.com/osx

experimental effort here https://tunsafe.com/osx

The author of WireGuard strongly discourages the use of tunsafe:

Please stay away from this software, and generally be wary of closed-source WireGuard implementations trying to fill the void. This one was written by a community-unfriendly proprietary author, and we've got little way of ensuring protocol compliance or basic security.

My recommendation for Streisand users on OSX is to wait for the upstream WireGuard project to deliver first party support.

@HougeLangley @cpu

I've been using macOS for a while to connect to my streisand wireguard server, and it seems to be working fine so far.

But take into account that the official wireguard userland tools for macOS are still considered experimental, so you may expect crashes or unexpected behaviour. If you're OK with that, you can test it following these steps:

  1. Follow the official Wireguard instuctions to install the user space tools using brew.
  2. Download one of the client configuration files from your Streisand server and copy it to /usr/local/etc/wireguard/ (or /etc/wireguard/). You'll need to create the directory first.
  3. Launch the client with sudo wg-quick up INTERFACE . Replace INTERFACE with the name of the configuration filed you copied to etc (without the extension). For instance, if your config file is viable-wall.conf you'll start the vpn executing sudo wg-quick up viable-wall.
  4. To stop the vpn run sudo wg-quick down viable-wall

@erndev If you're interested in contributing to Streisand adding this information to the documentation would help with https://github.com/StreisandEffect/streisand/issues/1346 !

@cpu sure.
i've forked the project and changed the template, but i have one question.
Is there any one to generate the html files from the templates without deploying a server?
i'd like to check if i did not break anything on the way.

Is there any one to generate the html files from the templates without deploying a server?
i'd like to check if i did not break anything on the way.

I haven't tried that. Deploying a new server is likely the easiest way to test.

i've forked the project and changed the template, but i have one question.
Is there any one to generate the html files from the templates without deploying a server?
i'd like to check if i did not break anything on the way.|

@erndev Alternatively if you open a PR with your changes (Feel free to add "Work-in-progress" to the PR title if you aren't quite finished) and I can take a look & try running it in some test infrastructure.

Thanks!

@cpu
done.
https://github.com/StreisandEffect/streisand/pull/1362

I've been using the android app to connect to my server, and seems to work too. Like the macOS client, still experimental and potentially unstable, but it connects to the server just fine.

I could add the android instructions too. Anyway, first, i'll wait for the approval of the macos pull request, just to confirm i am editing it property.

@erndev your instruction does not work for me. wireguard says it's connected just fine but I lose internet connection all together.

@hadifarnoud :

.. your instruction does not work for me. wireguard says it's connected just fine but I lose internet connection all together.

You likely specified AllowedIPs = 0.0.0.0/0 (change your default route to the other VPN endpoint), but the other endpoint was not yet configured to act as a router/gateway/NAT

Was this page helpful?
0 / 5 - 0 ratings

Related issues

sudoyum999 picture sudoyum999  路  4Comments

hamidzr picture hamidzr  路  3Comments

alphazo picture alphazo  路  5Comments

wicknet picture wicknet  路  5Comments

NightMachinary picture NightMachinary  路  5Comments