# Create Wireguard Gateway
* Creates a new WireGuard Gateway.
* The full WireGuard Gateway needs to be provided to create the object. Optional data will be filled with defaults or left empty.
{% hint style="info" %}
**Note:** VPN Gateways do not support connecting to LANs directly managed by Managed Kubernetes. However, you can attach additional LANs to node pools and connect these LANs to a VPN Gateway.
{% endhint %}
To create a WireGuard Gateway, perform a `POST` request.
## Endpoint
Use a [region-specific](/cloud/network-services/vpn-gateway/api-how-tos.md#endpoints) endpoint to create a WireGuard Gateway: `https://vpn.{region}.ionos.com/wireguardgateways`.
## Request
```bash
curl --location \
--request POST 'https://vpn.de-fra.ionos.com/wireguardgateways' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJraWQiO' \
--header 'Content-Type: application/json' \
--data-raw '{
"metadata": {},
"properties": {
"name": "My Company Gateway",
"description": "This gateway allows connections to Datacenter LAN X.",
"gatewayIP": "81.173.1.2",
"interfaceIPv4CIDR": "172.16.0.1/30",
"interfaceIPv6CIDR": "fd00::2/128",
"connections": [
{
"datacenterId": "5a029f4a-72e5-11ec-90d6-0242ac120003",
"lanId": "2",
"ipv4CIDR": "192.168.1.100/24",
"ipv6CIDR": "fd28:5f8d:d9fe:08bd::/64"
}
],
"privateKey": "0HpE4BNwGHabeaC4aY/GFxB6fBSc0d49Db0qAzRVSVc=",
"listenPort": 51820,
"tier": "STANDARD",
"maintenanceWindow": {
"time": "16:30:59",
"dayOfTheWeek": "Monday"
}
}
}'
```
{% tabs %}
{% tab title="Request Body Parameters" %}
Below is the list of mandatory body parameters for creating a WireGuard Gateway:
| Body Parameters | Required | Type | Description | Example |
| ------------------------------ | -------- | ------- | ---------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
| `metadata` | no | object | Metadata | `{}` |
| `properties` | yes | object | Properties with all data needed to create a new WireGuard Gateway. | |
| `properties.name` | yes | string | The human readable name of your WireGuard Gateway. | `My Company Gateway` |
| `properties.description` | no | string | Human readable description of the WireGuard Gateway. | `This gateway allows connections to Datacenter LAN X.` |
| `properties.gatewayIP` | yes | string | Public IP address to be assigned to the gateway. | `192.0.2.0` |
| `properties.interfaceIPv4CIDR` | no | string | The IPV4 address (with CIDR mask) to be assigned to the WireGuard interface. | `172.16.0.1/32` |
| `properties.interfaceIPv6CIDR` | no | string | The IPV6 address (with CIDR mask) to be assigned to the WireGuard interface. | `2001:0db8:85a3::/128` |
| `properties.connections` | yes | array | The network connection for your gateway. | `[ { "datacenterId": "5a029f4a-72e5-11ec-90d6-0242ac120003", "lanId": "2", "ipv4CIDR": "192.168.1.100/24", "ipv6CIDR": "2001:0db8:85a3::/24" } ]` |
| `properties.privateKey` | yes | string | PrivateKey used for WireGuard Server. | `0HpE4BNwGHabeaC4aY/GFxB6fBSc0d49Db0qAzRVSVc=` |
| `properties.listenPort` | no | integer | Port that WireGuard Server will listen on. | 51820 |
| {% endtab %} | | | | |
{% tab title="Request Header Parameters" %}
To make authenticated requests to the API, the following fields are mandatory in the request header:
| Header Parameters | Required | Type | Description |
| ----------------- | -------- | ------ | ------------------------------------------------------------------------------- |
| `Authorization` | yes | string | The Bearer token enables requests to authenticate using a JSON Web Token (JWT). |
| `Content-Type` | yes | string | Set this to `application/json`. |
| {% endtab %} | | | |
| {% endtabs %} | | | |
## Response
**201 Successful operation**
```json
{
"id": "85c79b4b-5b40-570a-b788-58dd46ea71e2",
"type": "wireguardgateway",
"href": "/wireguardgateways/85c79b4b-5b40-570a-b788-58dd46ea71e2",
"metadata": {
"createdDate": "2020-12-10T13:37:50+01:00",
"createdBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"createdByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedDate": "2020-12-11T13:37:50+01:00",
"lastModifiedBy": "ionos:identity:::users/87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"lastModifiedByUserId": "87f9a82e-b28d-49ed-9d04-fba2c0459cd3",
"resourceURN": "ionos::::",
"status": "AVAILABLE",
"statusMessage": null,
"publicKey": "-----BEGIN PUBLIC KEY-----\nMCowBQYDK2VuAyEApNLcmIfCLRwyGYN16teusuGPkdGo2C8OxiqaJLgOig4=\n-----END PUBLIC KEY-----\n"
},
"properties": {
"name": "My Company Gateway",
"description": "This gateway allows connections to Datacenter LAN X.",
"gatewayIP": "192.0.2.0",
"interfaceIPv4CIDR": "172.16.0.1/32",
"interfaceIPv6CIDR": "2001:0db8:85a3::/128,
"connections": [
{
"datacenterId": "5a029f4a-72e5-11ec-90d6-0242ac120003",
"lanId": "2",
"ipv4CIDR": "192.168.1.100/24",
"ipv6CIDR": "2001:0db8:85a3::/24"
}
],
"listenPort": 51820
}
}
```
{% hint style="success" %}
**Result:** The WireGuard Gateway is successfully created. the `id` and other details of the created WireGuard Gateway are provided in the response.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.ionos.com/cloud/network-services/vpn-gateway/api-how-tos/create-wireguard-gateway.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.