How to Install Wireguard on Ubuntu 20.04

How to Install Wireguard on Ubuntu 20.04

Update and Upgrade Ubuntu

sudo apt-get update && sudo apt-get upgrade -y

Install Wireguard

sudo apt-get install wireguard

Open the system variables file for edit.

sudo nano /etc/sysctl.conf

Then uncomment the following line by removing the # at the beginning of the line.

net.ipv4.ip_forward=1

Apply

sudo sysctl -p

Install and Configure UFW

# Install UFW
sudo apt install ufw

# Firewall Rules
sudo ufw allow ssh
sudo ufw allow 51820/udp

# Enable Firewall
sudo ufw enable

#Check UFW Status
sudo ufw status

Generating private and public keys and Configure

# Change Directory
cd /etc/wireguard

# Set Permissions
umask 077

#  Generate a new key pair with the command below
wg genkey | tee privatekey | wg pubkey > publickey

Generate server config

# Create new config file
sudo nano /etc/wireguard/wg0.conf
[Interface]
PrivateKey = <contents-of-server-privatekey>
Address = 10.0.0.1/24
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820

[Peer]
PublicKey = <contents-of-client-publickey>
AllowedIPs = 10.0.0.2/32
sudo cat /etc/wireguard/publickey
sudo cat /etc/wireguard/privatekey

Start Wireguard

wg-quick up wg0

Check Wireguard Config

wg show

Enable Automatic Start

systemctl enable wg-quick@wg0

Update Server

sudo apt-get update && sudo apt-get upgrade -y

Client configuration

Create new Config file on Client Device

sudo nano /etc/wireguard/wg0.conf
Remember to set the client private key and server public key to their corresponding places and also include your WireGuard server’s public IP address.
[Interface]
Address = 10.0.0.2/32
PrivateKey = <contents-of-client-privatekey>
DNS = 1.1.1.1

[Peer]
PublicKey = <contents-of-server-publickey>
Endpoint = <server-public-ip>:51820
AllowedIPs = 0.0.0.0/0, ::/0
Note that setting AllowedIPs to 0.0.0.0/0, ::/0 will forward all traffic over the WireGuard VPN connection.

Start the connection with the command below.

sudo wg-quick up wg0

To Disconnect

sudo wg-quick down wg0
sudo systemctl stop wg-quick@wg0


Share Tweet Send
0 Comments
Loading...
You've successfully subscribed to Songer Tech
Great! Next, complete checkout for full access to Songer Tech
Welcome back! You've successfully signed in
Success! Your account is fully activated, you now have access to all content.