Setting Up WireGuard VPN

WireGuard is a modern VPN (Virtual Private Network) protocol known for its simplicity and efficiency. In this guide, we’ll walk through the steps to install and configure WireGuard on a Linux server and client.

Step 1: Installation

Begin by updating the package list and installing WireGuard on your server:

apt update
apt install wireguard

Step 2: Generating Keypairs

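Navigate to the WireGuard configuration directory and generate a keypair. Run these commands on the server and again on the client so that each machine has its own privatekey and publickey files; umask 077 keeps the new files readable only by their owner: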

cd /etc/wireguard/
umask 077; wg genkey | tee privatekey | wg pubkey > publickey

Step 3: Enable IP Forwarding

You need to enable IP forwarding in the kernel. Edit /etc/sysctl.conf and add the following line:

net.ipv4.ip_forward = 1

Then reload the settings:

sysctl -p

Server Configuration

Create the WireGuard configuration file /etc/wireguard/wg0.conf for the server:

nano /etc/wireguard/wg0.conf

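Add the following configuration. Replace YOUR_SERVER_PRIVATE_KEY and YOUR_CLIENT_PUBLIC_KEY with the generated keys, and ALLOWED_IP with the single address that VPN clients may reach. The PostUp rules accept forwarded traffic from wg0 to that address, reject everything else arriving on wg0, and masquerade traffic leaving eth0: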

[Interface]
Address = 192.168.11.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i wg0 -d ALLOWED_IP/32 -j ACCEPT; iptables -A FORWARD -i wg0 -j REJECT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -d ALLOWED_IP/32 -j ACCEPT; iptables -D FORWARD -i wg0 -j REJECT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = YOUR_SERVER_PRIVATE_KEY

[Peer]
PublicKey = YOUR_CLIENT_PUBLIC_KEY
AllowedIPs = 192.168.11.2/32

Client Configuration

Create the WireGuard configuration file /etc/wireguard/wg0.conf for the client:

nano /etc/wireguard/wg0.conf

Add the following configuration:

[Interface]
PrivateKey = YOUR_CLIENT_PRIVATE_KEY
Address = 192.168.11.2/24

[Peer]
PublicKey = YOUR_SERVER_PUBLIC_KEY
# Endpoint and PersistentKeepalive are per-peer settings and belong under [Peer]
Endpoint = SERVER_PUBLIC_IP:51820
PersistentKeepalive = 20
AllowedIPs = 0.0.0.0/0
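
The following check is an added example, not part of the original guide. wg-quick accepts Endpoint and PersistentKeepalive only under [Peer], so this shell function reports keys placed in the wrong section and placeholders left unfilled. The function name wg_conf_lint and the sample address 203.0.113.10 are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): lint a wg-quick config before starting it.
# wg_conf_lint is a hypothetical helper name; the key lists follow wg(8)/wg-quick(8).
wg_conf_lint() {
    # $1 = config path; prints one finding per line and returns 1 if any.
    awk '
    BEGIN {
        n = split("Address ListenPort PrivateKey SaveConfig PostUp PostDown PreUp PreDown DNS MTU Table FwMark", a, " ")
        for (i = 1; i <= n; i++) ok["interface", tolower(a[i])] = 1
        n = split("PublicKey AllowedIPs Endpoint PersistentKeepalive PresharedKey", b, " ")
        for (i = 1; i <= n; i++) ok["peer", tolower(b[i])] = 1
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
    /^[ \t]*\[.*\][ \t]*$/ {                   # section header: [Interface] or [Peer]
        name = $0; gsub(/[^A-Za-z]/, "", name); sec = tolower(name); next
    }
    {
        eq = index($0, "=")
        if (eq == 0) { printf "line %d: not a key = value pair\n", NR; bad = 1; next }
        key = substr($0, 1, eq - 1); gsub(/[ \t]/, "", key)
        val = substr($0, eq + 1)
        if (!((sec, tolower(key)) in ok)) {
            printf "line %d: %s is not valid in [%s]\n", NR, key, name; bad = 1
        }
        # Placeholder names used in this guide that must be replaced with real values.
        if (val ~ /YOUR_|SERVER_PUBLIC_IP|ALLOWED_IP/) {
            printf "line %d: placeholder left in %s\n", NR, key; bad = 1
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: Endpoint misplaced under [Interface], keys still placeholders.
sample=$(mktemp)
cat > "$sample" <<'EOF'
[Interface]
PrivateKey = YOUR_CLIENT_PRIVATE_KEY
Address = 192.168.11.2/24
Endpoint = 203.0.113.10:51820

[Peer]
PublicKey = YOUR_SERVER_PUBLIC_KEY
AllowedIPs = 0.0.0.0/0
EOF
wg_conf_lint "$sample" || echo "fix the findings above before starting wg-quick@wg0"
rm -f "$sample"
```

Run it as wg_conf_lint /etc/wireguard/wg0.conf on each machine; no output and exit status 0 mean no findings.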

Testing

Start the WireGuard interface on both the server and client:

systemctl start wg-quick@wg0
ip a show wg0

Conclusion

Congratulations! You’ve successfully set up WireGuard VPN on your server and client. WireGuard provides a lightweight and efficient VPN solution for securing network communication. By following the steps outlined in this guide, you can create a secure and private network for your applications and services.
