How to Install Wireguard on Ubuntu 20.04
Update and Upgrade Ubuntu
sudo apt-get update && sudo apt-get upgrade -yInstall Wireguard
sudo apt-get install wireguardOpen the system variables file for edit.
sudo nano /etc/sysctl.confThen uncomment the following line by removing the # at the beginning of the line.
net.ipv4.ip_forward=1Apply
sudo sysctl -pInstall and Configure UFW
# Install UFW
sudo apt install ufw
# Firewall Rules
sudo ufw allow ssh
sudo ufw allow 51820/udp
# Enable Firewall
sudo ufw enable
#Check UFW Status
sudo ufw status
Generating private and public keys and Configure
# Change Directory
cd /etc/wireguard
# Set Permissions
umask 077
# Generate a new key pair with the command below
wg genkey | tee privatekey | wg pubkey > publickey
Generate server config
# Create new config file
sudo nano /etc/wireguard/wg0.conf[Interface]
PrivateKey = <contents-of-server-privatekey>
Address = 10.0.0.1/24
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
[Peer]
PublicKey = <contents-of-client-publickey>
AllowedIPs = 10.0.0.2/32sudo cat /etc/wireguard/publickey
sudo cat /etc/wireguard/privatekeyStart Wireguard
wg-quick up wg0Check Wireguard Config
wg showEnable Automatic Start
systemctl enable wg-quick@wg0Update Server
sudo apt-get update && sudo apt-get upgrade -yClient configuration
Create new Config file on Client Device
sudo nano /etc/wireguard/wg0.confRemember to set the client private key and server public key to their corresponding places and also include your WireGuard server’s public IP address.
[Interface]
Address = 10.0.0.2/32
PrivateKey = <contents-of-client-privatekey>
DNS = 1.1.1.1
[Peer]
PublicKey = <contents-of-server-publickey>
Endpoint = <server-public-ip>:51820
AllowedIPs = 0.0.0.0/0, ::/0Start the connection with the command below.
sudo wg-quick up wg0
To Disconnect
sudo wg-quick down wg0
sudo systemctl stop wg-quick@wg0