Normally NordVPN doesn’t provide Wireguard configs to you but you can generate with simple Linux bash script on Github.
Method 1: https://github.com/sfiorini/NordVPN-Wireguard
Wireguard configuration file generator for a NordVPN
A bash scripts that generates Wireguard configuration file for a NordVPN connection.
INSTALL
This guide assumes the use of Ubuntu. A similar install procedure will work on other distros.
Clone this project
First let’s clone this project so that you’ll have the script on your target Ubuntu system.
git clone https://github.com/sfiorini/NordVPN-Wireguard
Install required packages
sudo apt install wireguard curl jq net-tools
Install NordVPN client
Execute the following command and follow the on screen instructions:
sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)
Login to your NordVPN account
The procedure differs if you have MFA enabled on your account:
MFAis ENABLED on your accountnordvpn login
This will return a URL link. Open the link on any browser, on any machine and perform the login. Cancel out of the
Open withpopup, and copy the link that is assigned to theContinuelink, under the message sayingYou've successfully logged in.Back to the terminal
nordvpn login --callback "<The link you copied>"
And it will log you in.
MFAis NOT ENABLED on your accountUselegacyusername and password to login.
Note: This will NOT work if you have
Multi Factor Authenticationenabled. (See above for theMFAmethod)nordvpn login --legacy
Change protocol to NordLynx
After a successful login, please set NordVPN to use NordLynx protocol.
sudo nordvpn set technology nordlynx
Generate Wireguard configuration files
The script is quite simple and can be run without parameters to generate a config file for the recommended server:
$ ./NordVpnToWireguard.sh Getting configuration for recommended server... Wireguard configuration file NordVPN-us1234.conf created successfully!
Requesting a specific country:
$ ./NordVpnToWireguard.sh --country Canada Getting configuration for recommended server in Canada Wireguard configuration file NordVPN-ca1234.conf created successfully!
Requesting a specific city
$ ./NordVpnToWireguard.sh --city Berlin Getting configuration for recommended server in Berlin Wireguard configuration file NordVPN-de1234.conf created successfully!
Requesting a specific country and city
$ ./NordVpnToWireguard.sh --country Japan --city Tokyo Getting configuration for recommended server in Japan, city: Tokyo Wireguard configuration file NordVPN-jp1234.conf created successfully!
Getting help:
$ ./NordVpnToWireguard.sh --help Usage: NordVpnToWireguard [OPTIONS] OPTION includes: -v | --version - prints out version information. -c | --country - Country to connect to (ex. Canada). If option is not provided, NordVPN will get a wireguard configuration for the recommended country, unless a valid city name is provided. -s | --city - City to connect to (ex. Toronto). When country option is provided, NordVPN will look for the the city within the country and return the fastest server. If no country is provided, NordVPN will look up the fastest server for a city matching the name. -h | --help - displays this message.
Use the generated Wireguard configuration files
Import the file/s with the Wireguard client in any platform and activate the VPN.
Method 2: https://gist.github.com/bluewalk/7b3db071c488c82c604baf76a42eaad3
Instructions to obtain WireGuard details of your NordVPN account. These can be used to setup a WireGuard tunnel on your router to NordVPN.
Source: https://forum.gl-inet.com/t/configure-wireguard-client-to-connect-to-nordvpn-servers/10422/27
Prerequisites
If you have any linux machine, use that or install a vm if you don’t have one.
Get their official linux app installed. Make sure you have wireguard installed too. And set the used technology to Nordlynx by running nordvpn set technology nordlynx
Fetching details
Connect to nordvpn with command: nordvpn connect (don’t forget to login with nordvpn login --legacy).
Fetch (your) IP address
After successful connection run
ifconfig nordlynx
Fetch your private key
Run
sudo wg show nordlynx private-key
Output of this command should be something like this:
CKMAE9LARlt2eZHgGnNaSUYiKllKJN7f3hed/bWm5E8=
The key above is just a random key for demo purposes.
Fetch your public key
Run
sudo wg show nordlynx public-key
Output of this command should be something like this:
TO158iXbNXt2eZHgGnNaSUYiKZHgGN7f3hed/bWm5E8=
The key above is just a random key for demo purposes.
Fetch server details
Make sure you have curl and jq installed on your host/router. These are needed to be able to fetch the config of NordVPN Server. If not installed, go ahead and install
opkg install curl jq
After installation enter the command below to fetch the recommended server config:
curl -s "https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1"|jq -r '.[]|.hostname, .station, (.locations|.[]|.country|.city.name), (.locations|.[]|.country|.name), (.technologies|.[].metadata|.[].value), .load'
Output:
uk1818.nordvpn.com #your endpoint host 178.239.166.185 #its ip address London #city United Kingdom #country K53l2wOIHU3262sX5N/5kAvCvt4r55lNui30EbvaDlE= #Server public key 10 #Server load at the time.
Or just visit the following url https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1 from your browser and look for the details manually.