WireGuard Core Knowledge Concepts | Term | Meaning | |---|---| | Interface | Virtual network adapter ( ). One per VPN tunnel. | | Private key | Generated per peer; never shared. | | Public key | Derived from private key; exchanged with remote peers. | | Peer | Any other WireGuard node (server or client). | | AllowedIPs | IP ranges allowed through the tunnel to/from this peer. Acts as routing table + firewall. | | Endpoint | where this peer is reachable (optional on server for dynamic clients). | | PersistentKeepalive | Sends keepalive every N seconds — required for clients behind NAT. | | Pre…