WireGuard is a novel VPN (Virtual Private Network) that runs inside the Linux kernel. It is easy to install and configure, and if you’re looking for great open-source VPN software to secure your communication, WireGuard is a great place to start. WireGuard uses a peer-to-peer VPN module, and depending on how you configure it, it can serve as a traditional VPN server or client. If you’re a student or a new user, you will find out that the easiest place to start learning Linux is on Ubuntu Linux OS. It’s a great Linux operating system for beginners. Ubuntu is an open-source Linux operating system that runs on desktops, laptops, servers, and other devices. To get started with installing and configuring WireGuard, follow the steps below:
Install WireGuard Server
WireGuard has a PPA repository that is well-maintained. Use this repository to install WireGuard so that when newer versions are available, your system can install them. To add WireGuard PPA and install from there, run the commands below to get some update Ubuntu and install some basic packages. Next, add the PPA repository and install WireGuard. Press Enter when prompted. This will install the repository file and fresh the system’s package sources. The second commands install WireGuard. After installing WireGuard, you should see a similar message as shown below: WireGuard is now installed and ready to be configured.
Configure WireGuard
Now that you’ve installed WireGuard, follow the steps below to configure it. First, go and create private and public keys. These keys are vital to the operation of a VPN for secure communications. Run the commands below to generate the public | and private key pair. These key files will be generated and stored in the /etc/wireguard directory. After generating the key pair above, your next task will be to create a tunnel device that will be used to route the VPN traffic. This can be done using the ip or wg command. For easier management, you can create a tunnel file and add its configurations to it. Run the commands below to create a tunnel file called wg0.conf Then copy and paste the lines below into the file and save. Save the file and exit. Details of the file above:
Address = the server network interface connected to the Internet. It can be IPv4 or IPv6 PrivateKey = private key creates above stored in the /etc/wireguard/privatekey. ListenPort = incoming port WireGuard listens on enp0s3 = should match the interface name on the server. Some systems will have different names for their interfaces.
To find your network interface details, run the commands below: It should output similar lines as shown below: After that, run the command below to activate the tunnel interface and bring it up. That should output similar lines as shown below: To validate that the tunnel interface is working, run the commands below: You should see a similar output as below: Because VPN needs to forward traffic, you’ll need to enable IP forwarding. To do that, run the commands below to open the below configuration file. Then uncomment the line below and save. After that, run the commands below to complete the server setup. This will save the changes in the /etc/sysctl.conf file and enable the UDP port through the firewall. This should complete the WireGuard VPN server setup.
Setup VPN Client
Now that the server is configured above, simply go and download the client VPN software and connect to the server. Download the client software from the link below: https://wireguard.com/install/ Run the installation and open WireGuard for Windows. Click Add Tunnel –> Add empty tunnel. Then a config pane should open where you set up your connection profile. My client has similar provisions as below: When you’re done, click Save.
Add Client Key and IP to Server
The final step is to add the client’s public key and IP address to the server. You can do that by running the commands below: With the client profile added to the server, you can now connect. To remove a client profile from the server, run the comment below: That should do it. Conclusion: This post showed you how to install WireGuard on Ubuntu 18.04 | 20.04. If you find any error above, please use the comment form below to report. Thanks, You may also like the post below: