VPN two computers together with Wireguard
WireGuard is a nice modern lightweight performant VPN that doesn't come with a bewildering array of configuration guns to shoot yourself in the foot with.
This will create a bidirectional VPN between the server and the client.
Adjust file/interface names, and IP addresses to suit.
Note that the PublicKey configs are the other side's public keys.
It's not super easy to document it simply, but hopefully this will suffice.
SERVER
apt-get install wireguard-tools
# Generate the server's keypair
PRI=`wg genkey`; PUB=`echo $PRI | wg pubkey` ; echo $PRI $PUB
cat /etc/wireguard/toclient.conf
[Interface]
Address = 10.0.0.1/24
SaveConfig = true
ListenPort = 51580
PrivateKey = SERVER private key
[Peer]
PublicKey = CLIENT public key
AllowedIPs = 10.0.0.2/32
systemctl enable --now wg-quick@toclient
ifconfig toclient
toclient flags=209
inet 10.0.0.1 netmask 255.255.255.252 destination 10.0.0.1
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 15 bytes 2220 (2.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
CLIENT
apt-get install wireguard-tools
# Generate client's key pair
PRI=`wg genkey`; PUB=`echo $PRI | wg pubkey` ; echo $PRI $PUB
cat /etc/wireguard/toserver.conf
[Interface]
Address = 10.0.0.2/32
SaveConfig = true
PrivateKey = CLIENT private key
[Peer]
PublicKey = SERVER public key
systemctl enable --now wg-quick@toserver
ifconfig toserver
toserver: flags=209
inet 10.0.0.2 netmask 255.255.255.252 destination 10.0.0.2
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 15 bytes 2220 (2.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
# Should be able to ping the server
ping -c 4 10.0.0.1
SERVER
# Should be able to ping the client
ping -c 4 10.0.0.2