Set Up WireGuard VPN on Ubuntu

Add the wireguard repository

$sudo add-apt-repository ppa:wireguard/wireguard

Install the wireguard package

$sudo apt install wireguard

Configure WireGuard Server

Generate a private and public key pair for the WireGuard server

$umask 077
$wg genkey | tee privatekey | wg pubkey > publickey

It will be saved in home directory and you can see it using

cat privatekey and cat publickey respectively.

Now create the file /etc/wireguard/wg0.conf and add the following content.

[Interface]
PrivateKey = Enter the private key here
Address = IPv4 address/24, IPv6 Address/64
ListenPort = 51820
SaveConfig = true

Set up firewall

$sudo ufw allow 22/tcp
$sudo ufw allow 51820/udp
$sudo ufw enable

Start the Wireguard Service

Stat Wireguard:

$wg-quick up wg0

Enable Wireguard to automatically start on boot

$sudo systemctl enable [email protected]

Check VPN tunnel is running or nor

$sudo wg show

Configure WireGuard Client

Generate a private and public key pair for the WireGuard server

$umask 077
$wg genkey | tee privatekey | wg pubkey > publickey

It will be saved in home directory and you can see it using

cat privatekey and cat publickey respectively.

Now create the file /etc/wireguard/wg0.conf and add the following content.

[Interface]
PrivateKey = Enter the private key here
Address = IPv4 address/24, IPv6 Address/64

Connection between Client and Server

Edit the wg0.conf file of Client server and add the Public key of Server, IPAddress:port

[Peer]
PublicKey = Public Key of Server
Endpoint = Server public IP:51820
AllowedIPs = Public IPv4 address/24, Public IPv6 Address/64

Enable the wg service

$wg-quick up wg0
$systemctl enable [email protected]

Verify the connection using:

$sudo wg