Configuration File

Here's an example configuration file.

# This is a sample config file for TunSafe. It uses the same syntax as
# WireGuard's wg-quick tool

# The private key of this computer. This is a secret key, don't give it out.
# To convert it to a public key you can go to 'Generate Key Pair' in TunSafe.
PrivateKey = gIIBl0OHb3wZjYGqZtgzRml3wec0e5vqXtSvCTfa42w=

# Whether we want to bind a port to allow others to initiate connections to us.
# Please ensure this port is mapped in your router.
# ListenPort = 51820

# Switch DNS server while connected. Either IPv4 or IPv6.
# DNS = 

# Whether to block all outgoing DNS and force all DNS to go through the VPN. This
# prevents leakage of what websites you visit.
# BlockDNS = true

# The addresses to bind to. Either IPv4 or IPv6. /31 and /32 are not supported.
Address =

# Can be used to change MTU of the network adapter in Windows. We want this to
# be lower than the default 1500 to ensure the WireGuard headers don't cause
# fragmentation.
# MTU = 1420


# The public key of the peer. Do not use the private key here. Use the 'Generate Key Pair'
# function in TunSafe to convert a private key to a public key.
PublicKey = hIA3ikjlSOAo0qqrI+rXaS3ZH04Yx7Q2YQ4m2Syz+XE=

# It's also possible to use a preshared key for extra security
PresharedKey  =  SNz4BYc61amtDhzxNCxgYgdV9rPU+WiC8woX47Xf/2Y=

# The IP range that we may send packets to for this peer. Specify or ::/0 here
# to also insert an entry in the routing table to tunnel all traffic through the VPN.
AllowedIPs =

# Address of the server. Can be either IPv4 or IPv6.
Endpoint =

# Send periodic keepalives to ensure connection stays up behind NAT, in seconds.
PersistentKeepalive = 25

# When the peer is used as default gateway, whether to forward multicast and broadcast
# packets through the tunnel.
# AllowMulticast = false