Vicidial 11 is installed on openSUSE Leap 15 .
Let’s go step-by-step to install WireGuard on openSUSE Leap 15, openSUSE uses zypper .
🧩 Step 1: Update your system
Run this first:
sudo zypper refresh
sudo zypper update -y
⚙️ Step 2: Install WireGuard package
WireGuard is included in the Kernel:HEAD or official repositories from Leap 15.2+.
Try installing directly:
sudo zypper install wireguard-tools
If you get an error (package not found), add the correct repository:
For openSUSE Leap 15.x:
sudo zypper addrepo https://download.opensuse.org/repositories/network:utilities/openSUSE_Leap_15.5/network:utilities.repo
sudo zypper refresh
sudo zypper install wireguard-tools
(Replace 15.5 with your actual version if needed — check with cat /etc/os-release.)
🔑 Step 3: Generate WireGuard keys
sudo mkdir -p /etc/wireguard
cd /etc/wireguard
sudo umask 077
sudo wg genkey | tee privatekey | wg pubkey > publickey
🧾 Step 4: Create the WireGuard configuration file
Create /etc/wireguard/wg0.conf:
sudo nano /etc/wireguard/wg0.conf
Add the following (example for server):
[Interface]
Address = 10.10.20.1/24
ListenPort = 51820
PrivateKey = <server-private-key>
# NAT rules (optional for internet routing)
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Replace:
eth0with your WAN interface (ip awill show it)<server-private-key>with content from/etc/wireguard/privatekey
👥 Step 5: Add a peer (client)
Add this block to wg0.conf for each client:
[Peer]
PublicKey = <client-public-key>
AllowedIPs = 10.10.20.2/32
📡 Step 6: Enable IP forwarding
Enable forwarding permanently:
sudo sysctl -w net.ipv4.ip_forward=1
echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
🔥 Step 7: Allow WireGuard in firewall
For firewalld (default in openSUSE):
sudo firewall-cmd --permanent --add-port=51820/udp
sudo firewall-cmd --reload
For SuSEfirewall2 (older versions):
sudo yast firewall
→ Add UDP port 51820 under “Allowed Services”.
🚀 Step 8: Start and enable WireGuard
sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0
Check status:
sudo systemctl status wg-quick@wg0
✅ Step 9: Verify connection
Run:
sudo wg
You’ll see your interface and peers.
💡 Optional: Client example
Example client /etc/wireguard/wg0.conf:
[Interface]
Address = 10.10.20.2/24
PrivateKey = <client-private-key>
[Peer]
PublicKey = <server-public-key>
Endpoint = <server-public-ip>:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25
Working Example as Vicidial as client
[Interface]
PrivateKey = KLqd0EmF48k8ij44UZnFUnABGGpoIqINDcjN+3Zs4XU=
Address = 10.34.203.3/32
[Peer]
PublicKey = WV+3XLuwHoRe4ivRiBoC8d2UjVqQSnfW53PCA9k0=
AllowedIPs = 10.34.203.0/24, 172.16.60.0/24
Endpoint = 11.11.11.11:13231
Then start on the client:
sudo wg-quick up wg0
start on reboot
crontab -e
@reboot /etc/wireguard/wg0.conf
@reboot /etc/wireguard/keepalive.sh
vicibox11:~ # cat /etc/wireguard/keepalive.sh
#!/bin/bash
TARGET="10.34.202.1" # replace with your WireGuard peer IP
while true; do
ping -c 10 $TARGET
sleep 60
done
✅ Done!
WireGuard is now running on your openSUSE Leap 15 VICIdial server.