Private WireGuard VPN on Azure

This is just a quick run-down on setting up a private WG vpn server on Azure in a semi-automated fashion. This can be ideal for:

• Short term needs (eg I’m travelling somewhere and need a private connection)
• I need a public IP in X region for Y reason
• Long term use as well perhaps

The Azure ARM template will use a Standard B1ms host for the VM which is about £12 a month so it is not overly pricey.

Prepare

First you will need to generate the WireGuard client key material on your local host.

wg genkey | tee privatekey | wg pubkey > publickey
wg genpsk > presharedkey

Next generate an SSH keypair for the Azure VM. Note that when you let a user manually enter their public key as an Azure ARM parameter in the UI then it has to be in the ssh-rsa format.

ssh-keygen -t rsa -b 2048

Open wg.yml and fill in your WG public key and PSK on line 5 & 6.

  vars:
    userPublicKey: XXXXXX
    userPSK: XXXXXX

#network #azure #wireguard