Configuring Wireguard with remote.it

Here’s a quick guide to what you need to do to use remote.it instead of port forwarding when connecting to your Wireguard server.

Install Wireguard on your Raspberry Pi
In this example we are going to install Wireguard server on a Raspberry Pi, following the instructions in this article:

The first thing to note is that the default UDP port for the Wireguard server in this article is 51900, whereas the default UDP port for Wireguard in remote.it is 51820. It does not matter which value you use, so long as:

  • nothing else is active on that port
  • the two values agree

Here, we will change the value in remote.it to 51900.

After the “Start Up Wireguard” step, to confirm that it’s working.

a) Look for the “wg0” network interface:

pi@raspberrypi-1:~ $ ifconfig wg0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
inet 10.253.3.1 netmask 255.255.255.0 destination 10.253.3.1
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 1 dropped 0 overruns 0 carrier 0 collisions 0
pi@raspberrypi-1:~ $

b) Look for a UDP listener on port 51900:

pi@raspberrypi-1:~ $ sudo netstat -lpn | grep 51900
udp 0 0 0.0.0.0:51900 0.0.0.0:* -
udp6 0 0 :::51900 :::* -
pi@raspberrypi-1:~ $
Note that the process name is not shown.

c) Use the wg command

pi@raspberrypi-1:~ $ sudo wg show
interface: wg0
public key: p+A8Y1F54rN3kxZtO1snT3Jql2L7BGoFiTdiHjs83jE=
private key: (hidden)
listening port: 51900
peer: cJSYoh+9HU2xNOpF7RxjMM0I67qfQarrFuOi5qFn1Ak=
allowed ips: 10.253.3.2/32
pi@raspberrypi-1:~ $

Install remote.it and add a Wireguard Service
Prior to installing the Wireguard client on your PC (Windows 10 is shown in this example), you’ll need to install remote.it on your Pi and configure a Wireguard Service on port 51900. Find links to articles describing how to do this below.

When you’re done, you should have a remote.it Service which looks similar to this:
image
Your Service ID will be different.

Connect to your Service to get its connection address
Click on “Connect” to perform the following steps.

image

Make sure that “Auto-Launch” is disabled.

image

Next, click on “Add to Network” in order to define a persistent hostname and port for use with this connection.

image

In this example, the hostname is the “connection name” as shown below.

image

This assumes that you have “Named Connections” enabled. If not, the hostname will be 127.0.0.1 by default.

image

Edit the Wireguard client configuration file
Click on the “Copy” icon, then paste the address into your wg0-client.conf file as the value of “Endpoint” in the [Peer] section.

image

Import the wg0-client.conf into your Wireguard client (“Add Tunnel”). When complete, it will look similar to:

image

Activate the VPN Tunnel
Now you can activate the tunnel.

You will see a couple things happen.

#1, the network adapter wg0-client will be added:

#2, the configured address 10.253.3.2 now shows up in the IPv4 Route Table (Windows “route print” command):

image

Note that you can leave the Service Connection in your remoteit Network in order for it to start automatically when you enable the wg0-client tunnel in the Wireguard client. This is an example of an “on-demand connection”. The connection may take 5 to 10 seconds to start.

I have a raspberry pi. I had tried this method myself. I had already got WireGuard working with port forwarding (while at home on my router). I wanted to get WireGuard working with remote.it too. I had already got remote.it working already in other ways you see.
However, when I tried before and after reading above, I could not get any connection. So my question is. Has anyone proven this to work, as opposed to describing how it should work?

Without additional details it will be very hard to help you.

One question to start with is:

  • Can you make any connection at all to the device?

For example, a good place to start would be an SSH connection. Does that work?

I am facing a similar challenge in connecting via wireguard protocol: Wireguard from android to raspberrypi not working over internet

Sorry Gary to be slow replying.
I have WireGuard working perfectly on a Raspberry pi Zero as a server with the ports forwarded through my router.
I have remote.it working perfectly connecting to the RPi Zero using SSH, http, VNC etc. So, putting remote.it together with WireGuard seemed as though it should work.
But when I put them together to try, and copy a UDP appropriate port remote.it web formed and connected proxy instance into my WireGuard config on either an android phone or a W10 machine (replacing my router’s static public IP address) it just does not transfer any data.
Hence my simple question. Has anyone actually shown this combination to work as opposed to saying how it SHOULD work?

I have WireGuard working fine, and remote.it It is just the combination of WireGuard, remote.it and raspberry Pi that will not work for me.

I have it on my list of things to do this upcoming week (get Wireguard working with Android, etc.).

To answer your question directly, yes, I set it up and made sure it was working, and I believe I provided steps you could use along the way to make sure everything is in order, but maybe something is unusual about Android.

I did not seem to work on the Windows10 client either.