Arch Linux BasedManjaro

How To Install WireGuard on Manjaro

r00t
3 minutes read

Install WireGuard on Manjaro

WireGuard is a cutting-edge VPN protocol that offers superior performance and security compared to traditional options like OpenVPN or IPsec. Its lightweight codebase and efficient cryptographic primitives make it an ideal choice for both desktop and mobile devices. Manjaro users can benefit from WireGuard’s speed, simplicity, and robust encryption to protect their online activities.

In this comprehensive guide, we’ll explore three different methods to install WireGuard on Manjaro: using the graphical Network Manager, command-line installation, and a dedicated WireGuard manager script. We’ll also cover advanced configuration options, troubleshooting tips, and integration with your desktop environment.

Prerequisites

Before we begin, ensure that you have the following:

  • A Manjaro Linux system (up-to-date)
  • Sudo privileges on your account
  • An active internet connection
  • Basic familiarity with the command line interface

Method 1: GUI Installation Using Network Manager

For users who prefer a graphical interface, installing WireGuard through Manjaro’s Network Manager is a straightforward option.

Installing the Required Package

First, we need to install the network-manager-wireguard package. Open a terminal and run:

sudo pacman -S network-manager-wireguard

Accessing Network Settings

  1. Click on the network icon in your system tray
  2. Select “Network Settings” or “Edit Connections”
  3. Click the “+” button to add a new connection
  4. Choose “WireGuard” from the connection type dropdown

Configuring the WireGuard Interface

In the configuration window, you’ll need to enter the following details:

  • Name: Give your connection a recognizable name
  • Interface Name: Usually “wg0” for the first connection
  • Private Key: Paste your WireGuard private key here
  • Public Key: Enter your WireGuard public key
  • Listen Port: Typically 51820, but can be changed if needed
  • MTU: Leave as default unless you have specific requirements

Setting Up Peer Configuration

In the “Peers” tab, add the details for the WireGuard server you’re connecting to:

  • Public Key: The server’s public key
  • Allowed IPs: Usually 0.0.0.0/0 for routing all traffic
  • Endpoint: The server’s IP address or hostname and port
  • Persistent Keep Alive: Set to 25 seconds for NAT traversal

Managing IPv4/IPv6 Settings

Configure your IP settings in the respective tabs:

  • IPv4: Set to “Automatic (VPN)” for DHCP, or manually enter your VPN IP
  • IPv6: Similar to IPv4, choose automatic or manual configuration

Testing and Verification

After saving your configuration, connect to the WireGuard VPN:

  1. Click on the network icon in the system tray
  2. Select your newly created WireGuard connection
  3. Verify the connection by checking your IP address at ipleak.net

To ensure your DNS isn’t leaking, use a tool like DNSLeakTest. If you notice any issues, consider manually setting your DNS servers in the connection settings.

Method 2: Command Line Installation

For users comfortable with the terminal, installing WireGuard via command line offers more control and can be faster.

Package Installation

First, update your system and install WireGuard:

sudo pacman -Syu sudo pacman -S wireguard-tools

Key Generation

Generate your WireGuard keys:

wg genkey | tee privatekey | wg pubkey > publickey sudo chmod 600 privatekey

This creates two files: ‘privatekey’ and ‘publickey’. Keep your private key secure and never share it.

Configuration Setup

Create a WireGuard configuration file:

sudo nano /etc/wireguard/wg0.conf

Add the following content, replacing the placeholders with your actual data:

[Interface] PrivateKey = <Your Private Key> Address = <Your VPN IP Address> DNS = <VPN DNS Server> [Peer] PublicKey = <Server Public Key> AllowedIPs = 0.0.0.0/0, ::/0 Endpoint = <Server IP or Hostname>:<Port> PersistentKeepalive = 25

Save the file and set the correct permissions:

sudo chmod 600 /etc/wireguard/wg0.conf

Starting WireGuard

To start WireGuard and enable it on boot:

sudo systemctl start wg-quick@wg0 sudo systemctl enable wg-quick@wg0

Method 3: Using WireGuard Manager Script

For those who want a more automated approach, using a WireGuard manager script can simplify the process.

Script Installation

Download and run the WireGuard installation script:

curl -O https://raw.githubusercontent.com/angristan/wireguard-install/master/wireguard-install.sh chmod +x wireguard-install.sh sudo ./wireguard-install.sh

Follow the prompts to set up your WireGuard server or client configuration.

Configuration Management

The script allows you to:

  • Add new clients
  • Remove existing clients
  • Uninstall WireGuard

To manage your WireGuard setup, simply run the script again:

sudo ./wireguard-install.sh

Advanced Configuration

Once you have WireGuard up and running, you might want to fine-tune its performance and security.

Performance Optimization

Adjust the MTU settings if you experience performance issues:

sudo wg show wg0 mtu

If the MTU is too high, reduce it in your configuration file:

MTU = 1420

Security Enhancements

Implement a kill switch to prevent traffic leaks:

sudo ufw default deny outgoing sudo ufw allow out on wg0 from any to any sudo ufw enable

This ensures that traffic only flows through the WireGuard interface when connected.

Troubleshooting

If you encounter issues with your WireGuard connection, try these steps:

  1. Check your system logs: sudo journalctl -xeu wg-quick@wg0
  2. Verify your configuration file for typos
  3. Ensure your firewall isn’t blocking WireGuard traffic
  4. Test with a different DNS server

Congratulations! You have successfully installed WireGuard. Thanks for using this tutorial for installing the WireGuard on your Manjaro system. For additional or useful information, we recommend you check the official WireGuard website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
3 minutes read
Photo of r00t

r00t

r00t is a dedicated and highly skilled Linux Systems Administrator with over a decade of progressive experience in designing, deploying, and maintaining enterprise-grade Linux infrastructure. His professional journey began in the telecommunications industry, where early exposure to Unix-based operating systems ignited a deep and enduring passion for open-source technologies and server administration.​ Throughout his career, r00t has demonstrated exceptional proficiency in managing large-scale Linux environments, overseeing more than 300 servers across development, staging, and production platforms while consistently achieving 99.9% system uptime. He holds advanced competencies in Red Hat Enterprise Linux (RHEL), Debian, and Ubuntu distributions, complemented by hands-on expertise in automation tools such as Ansible, Terraform, Bash scripting, and Python.
Copyright © 2026 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button