Monday, 31 March 2025

Complete Guide to Setting Up WireGuard + Cloudflare WARP for Optimized Routing with Singapore & Indonesia VPS

Posted By: Rufaidah-network - 00:19

Share

& Comment

 


1. Introduction

This topology uses two VPS (Singapore & Indonesia) as the main gateways for internet connection, with Starlink only as a transit. WireGuard is used as the main VPN, and Cloudflare WARP helps optimize routing. This system also has failover; if the primary VPS (SG) goes down, the connection automatically switches to the backup VPS (ID).

2. Preparation

Before starting, make sure you have:

  • 2 VPS (Singapore & Indonesia) with Ubuntu/Debian OS

  • WireGuard installed on both VPS

  • Cloudflare WARP installed on the main VPS (SG)

  • Root access to the server and client

3. Installing WireGuard on Singapore & Indonesia VPS

apt update && apt install wireguard -y

4. WireGuard Configuration on Singapore VPS (/etc/wireguard/wg0.conf)

[Interface]
Address = 10.100.100.1/24
PrivateKey = <PRIVATE_KEY_SG>
ListenPort = 51820

[Peer]
PublicKey = <PUBLIC_KEY_ID>
AllowedIPs = 10.100.101.1/32
Endpoint = <PUBLIC_IP_ID>:51820
PersistentKeepalive = 25

5. WireGuard Configuration on Indonesia VPS (/etc/wireguard/wg0.conf)

[Interface]
Address = 10.100.101.1/24
PrivateKey = <PRIVATE_KEY_ID>
ListenPort = 51820

[Peer]
PublicKey = <PUBLIC_KEY_SG>
AllowedIPs = 10.100.100.1/32
Endpoint = <PUBLIC_IP_SG>:51820
PersistentKeepalive = 25

6. Starting WireGuard

systemctl enable wg-quick@wg0
systemctl start wg-quick@wg0

7. Installing Cloudflare WARP on Singapore VPS

curl -fsSL https://pkg.cloudflareclient.com/install.sh | bash
warp-cli register
warp-cli set-mode proxy
warp-cli connect

8. Adding Routing on Singapore VPS

iptables -t nat -A POSTROUTING -o warp0 -j MASQUERADE
iptables -A FORWARD -i wg0 -o warp0 -j ACCEPT
iptables -A FORWARD -i warp0 -o wg0 -j ACCEPT

9. Setting Up Failover from Singapore to Indonesia

while true; do
  ping -c 3 10.100.100.1 > /dev/null
  if [ $? -ne 0 ]; then
    ip route replace default via 10.100.101.1 dev wg0
  else
    ip route replace default via 10.100.100.1 dev wg0
  fi
  sleep 10
done

Save this script as /root/failover.sh and run:

chmod +x /root/failover.sh
nohup /root/failover.sh &

10. Testing the Connection

On the client, try connecting to the WireGuard Singapore VPS and check if routing is working correctly.

ping -c 3 8.8.8.8
curl ifconfig.me

Conclusion This system ensures an optimized connection with automatic failover. All bandwidth remains from the VPS, while Starlink is only used as a transit path. If you have any questions, feel free to leave a comment on the blog!

About Rufaidah-network

Techism is an online Publication that complies Bizarre, Odd, Strange, Out of box facts about the stuff going around in the world which you may find hard to believe and understand. The Main Purpose of this site is to bring reality with a taste of entertainment

0 komentar:

Post a Comment

Subscribe to: Post Comments (Atom)

Copyright © Pembelajaran IT ™ is a registered trademark.

Designed by Templateism. Hosted on Blogger Platform.