This is an internal documentation. There is a good chance you’re looking for something else. See Disclaimer.

Set up Wireguard VPN (Mac Edition)

Configure VPN

  1. Install Wireguard:

    Install client from https://www.wireguard.com/install/#macos-app-store. Do not install CLI tools listed at the bottom which are unmaintained and outdated.

  2. Generate private / public key pair:

    Add a new empty Tunnel in the “Manage WireGuard Tunnels” Menu:

    ../_images/add_tunnel.png

    Allow adding of VPN Configurations:

    ../_images/allow_vpn_conf.png

    This will generate an “empty” VPN configuration with a public and private key:

    ../_images/vpn_tunnel.png

  3. Submit the public_key to Operations Public channel and ask to be granted VPN access.

    Make sure you keep the private_key, you’ll need it.

  4. You’ll get a VPN config back. Replace the XXX placeholder in it with your private_key.

    Add this configuration to your previously created VPN tunnel:

    Warning

    Make sure to not overwrite the private key when pasting this configuration!

    ../_images/vpn_configuration.png

    Important

    This is a per-device key. Generate a fresh key if you need access on an addational device. Using the same key on two devices will not work.

Test VPN

  1. Enable VPN:

    Activate the config2

    ../_images/activate_vpn.png

  2. Test connection:

    ping -A -c 3 10.148.60.1
ping6 -c 3 2001:8e3:5396:c9b::1
ping -A -c 3 tocco.ch

  3. Disable VPN:

    Deactivate the config:

    ../_images/deactivate_vpn.png