> For the complete documentation index, see [llms.txt](https://paul-gleason.gitbook.io/champlain-college-classes/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://paul-gleason.gitbook.io/champlain-college-classes/sec-440-systems-security/labs/project-5-wireguard-with-aws.md).

# Project 5 - Wireguard with AWS

### Setup Instance

Boot up learner lab

<figure><img src="https://lh5.googleusercontent.com/bhr2CjMTLIRMGtO1K02tSok1MMkfhkxbfExwT3sKxlfhvZ852KXwyOYxYhwF2tjCaf-nZGadCSz8mQoUQEHFV-WKWb-o4pnFDJKI32wZLv0TNQnSmVK4c-mwGAa67OijkqI9EtojhXnsigVNE0dJpYs" alt=""><figcaption></figcaption></figure>

Launch new instance

<figure><img src="https://lh6.googleusercontent.com/AEbBRraGAEjf7izmAekTHiKZKoJaId7Ck_vdwO-CsM6G7mUM8THGqNDzAFjtfhnTf3-XqPPTU7UPc4F6cjtJgwlp4AIAjbV47ZiU-4miaEWJA24XCYpXRt2Xllx3f2e4fuZZVYQI7iMUj-_OYJ7mgGY" alt=""><figcaption></figcaption></figure>

Select Ubuntu 22.04

<figure><img src="https://lh6.googleusercontent.com/0lHeGKswLzk2aRjGb_HTCGTK4EUDNaW3OFMFmyKkM32apeaPU5_qlD7Tc_AuMAwRAxGIl49gLM-jS-D4tZpkero4AVS020Si4fNvL7ZwNqgPvnInhQkcoG8wk1GYuASN_cBIt_cWA3QsmaUsSv3uX6I" alt=""><figcaption></figcaption></figure>

Make new keypair

<figure><img src="https://lh5.googleusercontent.com/4wNNfFDdZTQXkLeiVTsrCLMdfulrnqJ5XDUjdmuGYNecu4uOPKne5iVW5UUflg0-C7HCmqKsy8mdjp359uiCVt43ddewxWF-Mwgj-MuUCC1cDSw5KVclthZiU3Yx7VMoGPNSbOu3kzEA5DH0CfhnFXE" alt=""><figcaption></figcaption></figure>

Edit Security group

<figure><img src="https://lh6.googleusercontent.com/t6Nmz-mFzj02pBO3F-5fXmeuXKmxy9Hz87onVgAbLRTW2SjsRN3-uNmWEyK5dGLjSpqtpZOSKQOzYwtjBmqDS3g8AE1BIG_xP2Y3WMz7XiZFkKRmF_auDwBjBbq3dj-JDl3lfFMKX9BRF0PY0pVLmlo" alt=""><figcaption></figcaption></figure>

Start instance

### Setup Wiregaurd

Now download key to xubuntu-lan

<figure><img src="https://lh4.googleusercontent.com/3Z9wW3VGWIV0pFPPdXudgGAPmNFxdGUqKFflHUl5QmJVHjCdLyMnyqfsOcAEb4qqP412xkilg0noRZ811YnGUkktf9U4E2NpxW5aftiC112zQ1isGdPbYLzle87bXQXjm2XOckAzCHc2cNp5OtSANh4" alt=""><figcaption></figcaption></figure>

Open Terminal and connect to instance

<figure><img src="https://lh3.googleusercontent.com/Ag0vsUpGeBnB44ELSEo41YQrzrtOkPN3s3L71OwuuFCiQ3t6vhPBs-kt4VNTaKRvMQTM1rmeQ4kqUmWThmUw1dtyqVlwLTDnJn88DFYDPJkXdmUAnqBxVk9A_H61shDv2E0N2erszAPIMhnuDcHCH6g" alt=""><figcaption></figcaption></figure>

#### Install wireguard:

`Sudo apt-get update`

`Sudo apt-get install wireguard`

Wiregaurd Server Configuration

<figure><img src="https://lh3.googleusercontent.com/WZ6ZpCsZGZcp-i4GfRPyrAaoCJQsKV4VL83ac8ytFg13NTJo_OcbaygHjqeRBP_dKRr-hWUvRFy2PNl681BL0IhpzqdvYzDAkwmBD8L_Y-AT8ZALVehJwd6Ii9D4PG0OF8qQCnOZ4TISaNF8Gn-uAFA" alt=""><figcaption></figcaption></figure>

Wiregaurd xUbuntu Configuration

<figure><img src="https://lh6.googleusercontent.com/6YYCp_Xzlahv3a4mCuvEuCKK3_6K0cUPcckgQnegE5rDrC5h7Y0RQnizICZTQhgelvXsbIf6zCmzJS0NpXg_yUxZTEZvTRq9n4UQ1nbm2FE1SChzGa68IusGd3WjeQ5dP3Hc4TBFaulRqP4ZRPSzGgw" alt=""><figcaption></figcaption></figure>

Add to config

`PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens162 -j MASQUERADE`&#x20;

`PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens162 -j MASQUERADE`&#x20;

Then type&#x20;

`sysctl -w net.ipv4.ip_forward=1`&#x20;

`sysctl -p`

\
Activate Wiregaurd

`systemctl restart wg-quick@wg0.service`

Showing connectivity

<figure><img src="https://lh3.googleusercontent.com/84e88PRTwjPz0aOAsA0mLnBhT4y_21NAWbEyuwF2mI-qQdBcsPH-kQu7D_lfTcTpwCpqRv24qmh6X058wO8LHF7bcnkuyM_KPn7ZyDmVUyDBlmdrIyUOUme2dV-xLsd5_JWsisARfStjCYUBMb-F0ik" alt=""><figcaption></figcaption></figure>

Connecting to test page over arbitrary port

<figure><img src="https://lh5.googleusercontent.com/9QCHLhnq3NvIhJio9ploUYwyPxGQXXmclId6RWsDoOWyyvtz7oeUOH3r46Qck48FG4aJyHVUzjsO0UEAVUwcZjFo_STbYIgWhBlghH_KLX2gEVI5fK47sCK8q2Dxxwujk8RB-dPw6pr_WqeGnUC7d6E" alt=""><figcaption></figcaption></figure>

Connecting to webpage:

<figure><img src="https://lh4.googleusercontent.com/OeR9HGFtp9zWm9H4T4r8BzdYUUYWIaWKKvQWzF6p6mjGhBkxvRXPAzkD14MjJq4LOkryZZeCVNTr4duCN6o63jfhtcbFiswLX4o8f9AKIrSFAr_2MsWm0vPNfDPcBL54Wc4RY_z2e8sD4J8LHLRRtLg" alt=""><figcaption></figcaption></figure>

<br>
