Previously: VPN from Windows to Linux: WireGuard working example.
The problem: route everything from Android device via Linux server. But first, let's install VPN from Linux client to Linux server. I assume you have two Linux boxes: server and client.
Uncomment this on Linux server, in /etc/sysctl.conf
net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1
Install WireGuard on (Ubuntu) Linux server (apt install wireguard), generate key pair:
wg genkey | tee privatekey | wg pubkey > publickey
Other packages may be requires for Ubuntu Linux server: resolvconf, iptables.
Install WireGuard on Linux client, also generate key pair.
Config for Linux client, in /etc/wireguard/wg0.conf
[Interface] PrivateKey = [private key generated by Linux client] ListenPort = 21841 Address = 192.168.2.2/32 DNS = 8.8.8.8 [Peer] PublicKey = [public key generated on Linux server] AllowedIPs = 0.0.0.0/0, ::/0 Endpoint = LINUX_SERVER_HOSTNAME_OR_IP:51820
Config for Linux server, also in /etc/wireguard/wg0.conf
[Interface] Address = 192.168.2.1 ListenPort = 51820 PrivateKey = [private key generated on Linux server] DNS = 1.1.1.1 PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [Peer] Endpoint = LINUX_SERVER_HOSTNAME_OR_IP:51820 PublicKey = [public key generated by Linux client] AllowedIPs = 192.168.2.2/32
Start/stop WireGuard on Linux server, show info:
wg-quick up wg0 wg show ifconfig wg0 wg-quick down wg0
Likewise, start/stop it on Linux client. Check if you really use VPN by running 'traceroute 8.8.8.8'.
Now if you have successfull VPN from Linux client to Linux server, take client's config and put it to wg.conf and upload to Android device. Say, to Downloads folder. Install WireGuard from Play Store and import that wg.conf file from the Downloads folder. Start/stop/etc. And by the way, Android WireGuard app allows you to select, which apps to route via VPN.
Yes, I know about these lousy Disqus ads. Please use adblocker. I would consider to subscribe to 'pro' version of Disqus if the signal/noise ratio in comments would be good enough.