Can I install wireguard on freepbx

Hi all,

Can I install wireguard server on my freepbx server as the os is running centos 7?

Thanks,
Rob

Of course, but you are “off the reservation”

What do you mean off the reservation @dicko

He means that your follow up question is now:

For anyone who has installed wireguard on FreePBX Distro version xxxx, is there anything to watch out for?

I will let you know if I need to install wireguard on the freepbx server and gwt back to you guys and let you know :blush:

i believe effectively, this boils down to:

“you can do whatever you want, its your server. but once you have a non-standard implementation, support and troubleshooting gets harder or not supported”

I have wireguard installed on my PBX and it works great. The problem was figuring out how to do it.

I first tried installing from the elrepo repository but I ran into dependency problems. I think the kernel is too old but I didn’t really feel like trying to figure it out.

Next I tried installing from source. Compilation from Source Code - WireGuard and I ran into two problems.

  1. The build folder is missing. This can be fixed using “ln -s /usr/src/kernels/$(uname -r) /lib/modules/$(uname -r)/build”.
  2. There was a compile error in socket.c. After some googling I found out there is a problem in “wireguard-linux-compat/src/compat/compat.h” lines 92-96 where it checks the kernel version. I just commented out the “#if/#elif/#endif” so that the “elif” section is always executed. (Once again I was too lazy to try to figure out what was going wrong here.)

After you finish compile/install you need to ensure that the module is loaded after a reboot. Create /etc/modules-load.d/wireguard.conf:

# Load wireguard.ko at boot
wireguard

Make sure you enable the service:

systemctl enable wg-quick@wg0

Create your wg0.conf file and you should be able to start the service wg0. There may be a better way to do this, but this was what I came up with. Hope it helps.

3 Likes

You definitely earned your wampum!

I should also have mentioned, you need to open the port in the firewall. Connectivity | Firewall | Services | Custom Services | Create New Service (UDP). Be sure that both Internet and Local are highlighted.

Add the network CIDR (eg x.x.x.x/24 Trusted) in Connectivity | Firewall | Networks.

UDP/51820 unless otherwise specified in your config file

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.