Ubuntu 20.04 has set up a WireGuard VPN server.

How to install and configure WireGuard VPN server on a Linux Ubuntu 20.4 LTS server? How can you configure Ubuntu 20.04 as a WireGuard VPN server?

WireGuard is an open, free, modern and fast VPN with modern cryptography. It’s faster and easier than IPSec and OpenVPN. Initially released for the Linux kernel, but also gets cross-platform support for other operating systems. This page explains how to install and configure WireGuard VPN on a Linux Ubuntu 20.04 LTS server.

 

Procedure: Ubuntu 20.04 WireGuardVPN Server Configuration

Our installation example includes a simple peer-to-peer connection between a cloud server running on Ubuntu 20.04 LTS and an Ubuntu/Ubuntu/RHEL/SUSE/OpenSUSECentOS Linux workstation client:Reference Windows Plesk server support.
Ubuntu 20.04 has set up a WireGuard VPN server.
Below are the steps to install WireGuard on Ubuntu Linux 20.04 LTS and configure it as a VPN server.

Note that {[email protected]:~ }$ or {[email protected]:~ }$ is my shell command line and is not part of the real commands. In other words, you have to copy the command and paste it into my shell.

Step 1 – System upgrade

Run the apt command to install Ubuntu 20.04:
{[email protected]:~ }$ sudo apt update
{[email protected]:~ }$ sudo apt upgrade

Step 2 – Installation of WireGuard VPN Server on Ubuntu 20.04 LTS

We now have updates for our server with the latest security patches. It is time to configure the WireGuard VPN server on the Ubuntu 20.04 server. Login:
{[email protected]:~ }$ sudo install apt wireguard
Ubuntu 20.04 has set up a WireGuard VPN server. .

Step 3 – Configuring the WireGuardServer

First we need to create a private and public key pair for the WireGuard server. Enter cd in /etc/wireguard using the command cd
{[email protected]:~ }$ sudo -i
{[email protected]:~ }# cd /etc/wireguard/
Run the following command:
{[email protected]:~ }# umask 077; wg genkey | tee private key | wg pubkey > public key
To display the generated keys, use the cat command and the ls command :
{[email protected]:~ }# ls -l private key public key
{[email protected]:~ }# cat private key
## write the private key to ##
{[email protected]:~ }# cat public key
Ubuntu 20.04 has set up a WireGuard VPN server. .

Implementation of VPN WireGuard on Ubuntu with wg0.confedition.

Edit or update the /etc/wireguard/wg0.conf file as follows
{[email protected]:~ }$ sudo nano /etc/wireguard/wg0.conf
## OR ##
{[email protected]:~ }$ sudo vim /etc/wireguard/wg0.conf
Apply the following configuration guidelines:

## Configure VPN WireGuard on Ubuntu by editing/creating the wg0.conf file ##
[interface]
## Personal IP address of my VPN server ## Address
= 192.168.6.1/24

## My VPN server port ##
ListenPort = 41194

## VPN server private key, i.e. /etc/wireguard/private key ##
PrivateKey = eEvqkSJVw/7cGUEcJXmeHiNFDLBGOz8GpShecvNHU=

## Save this configuration file and update it when a new peer (vpn client) is added ##
SaveConfig = true

## Set Up WireGuard VPN on Ubuntu By Editing/Creating wg0.conf File ##
[Interface]
## My VPN server private IP address ##
Address = 192.168.6.1/24
## My VPN server port ##
ListenPort = 41194
## VPN server’s private key i.e. /etc/wireguard/privatekey ##
PrivateKey = eEvqkSJVw/7cGUEcJXmeHiNFDLBGOz8GpScshecvNHU=
## Save and update this config file when a new peer (vpn client) added ##
SaveConfig = true

Save the file and close it with the vim text editor.

Step 4 – Configuring UFWFirewall rules

I assume you have configured UFW and we open the UDP port 41194 with the command ufw as follows
sudo ufw 41194/udp
See How to configure a Firewall from UFW to Ubuntu 20.04 LTS for more details.

Step 5 – Activate and start the WireGuardservice.

At startup, enable the WireGuard service with the command systemctl, start:{[email protected]:~ }$ sudo systemctl set [email protected] Start the service, start:{[email protected] :~ }$ sudo systemctl start [email protected] Get service status, run:{[email protected]:~ }$ sudo systemctl start [email protected]:{[email protected]:~ }$ sudo systemctl start [email protected]

Make sure that the interface named wg0 runs on the Ubuntu server with the ip command:
{[email protected]:~ }$ sudo wg
{[email protected]:~ }$ sudo ip show wg0
Ubuntu 20.04 has set up a WireGuard VPN server. authentication commands .

Step 6 – Configure Wireguard VPN Client

The procedure for installing and configuring the VPN client is the same as for installing the server. Install the client on the Ubuntu Linux 20 desktop.04 LTS:{[email protected]:~ }$ sudo apt install wireguardOther, we need to make a VPN client configuration in Ubuntu/Debian/CentOS Linux:{[email protected]:~ }$ sudo sh -c ‘umask 077; hit /etc/wireguard/wg0conf{[email protected]:~ }$ sudo -i{[email protected]:~ }# cd /etc/wireguard/{[email protected]:~ }# umask 077; wg genkey | tee private key | wg pubkey > public key{[email protected]:~ }# umask 077; wg genkey | wg pubkey > public key{[email protected]:~ }#:~ }# ls -l publickey privatekey##### Write privatekey ##{[email protected]:~ }# cat privatekey WireGuard VPN Client configuration Edit /etc/wireguard/wg0.Configuration File:{[email protected]:~ }$ sudo nano /etc/wireguard/wg0.conf## OR ##{[email protected]:~ }$ sudo vim /etc/wireguard/wg0.conf Apply the following guidelines:

interface]
## This desktop/client private key ##
PrivateKey = uJPzgCQ6WNlAUp3s5rabE/EVt1qYh3Ym01sx6oJI0V4=

## client ip address ## address
= 192.168.6.2/24

Peer]
## Ubuntu server PublicKey 20.04 ##
PublicKey = qdjdqh2+N3DEMDUDRob8K3b+9BZFJbT59f+rBrl99zM

## set ACL ##
AllowedIPs = 192.168.6.0/24

## public IPv4/IPv6 server address and Ubuntu LTS port 20.04 and port ##
endpoint = 172.105.112.120:41194

## LivingKey Connection ##
PersistentKeepalive = 15

[Interface]
## This Desktop/client’s private key ##
PrivateKey = uJPzgCQ6WNlAUp3s5rabE/EVt1qYh3Ym01sx6oJI0V4=
## Client ip address ##
Address = 192.168.6.2/24
[Peer]
## Ubuntu 20.04 server public key ##
PublicKey = qdjdqh2+N3DEMDUDRob8K3b+9BZFJbT59f+rBrl99zM
## set ACL ##
AllowedIPs = 192.168.6.0/24
## Your Ubuntu 20.04 LTS server’s public IPv4/IPv6 address and port ##
Endpoint = 172.105.112.120:41194
## Key connection alive ##
PersistentKeepalive = 15

Activate and start VPN client/speaker connection, Start:
{[email protected]:~ }$ sudo systemctl start [email protected]
{[email protected]:~ }$ sudo systemctl start [email protected]
{[email protected]:~ }$ sudo systemctl status [email protected]

Let the desktop client and Ubuntu server connect via VPN

We need to set up a peer-to-peer VPN on the server side and enable the connection between the client computer and the server. Let’s go back to our Ubuntu 20.04 LTS server and the wg0.conf file to add the [peer] (client) information as follows (enter the commands in the server field):
{[email protected]:~ }$ sudo systemctl stop [email protected]
{[email protected]:~ }$ sudo vi /etc/wireguard/wg0.conf
Let’s add the following configuration file :

Peer]
## Public Key for Desktop/VPN Client ##
PublicKey = u2ao8GNNUWAirtjq0eL1UpHVkMep5/EUalbZcdH0imc=

## VPN client IP address (note the /32 subnet) ##
IP allowed = 192.168.6.2/32

[Peer]
## Desktop/client VPN public key ##
PublicKey = u2ao8GNNUWAirtjq0eL1UpHVkMep5/EUalbZcdH0imc=
## client VPN IP address (note the /32 subnet) ##
AllowedIPs = 192.168.6.2/32

Save the file and close it. Then restart the service and start:
{[email protected]:~ }$ sudo systemctl start [email protected]

Step 7 – Test

That’s right, folks. Now Ubuntu servers and clients must be securely connected via a peer-to-peer VPN called WireGuard. Let’s check the connection. Enter the following ping command on your client computer/desktop system:
{[email protected]:~ }$ ping -c 4 192.168.6.1 1
{[email protected]:~ }$ sudo wg

Conclusion

Congratulations! You just learned how to configure the WireGuard VPN server on the Ubuntu 20.04 LTS server and the peer-to-peer (client) machine on both Ubuntu/CentOS Linux desktops. I strongly advise you to read the WireGuard project documentation here.

RECOMMENDATIONS

Published: Vivek gears

The author is the creator of nixCraft and an experienced system administrator, DevOps engineer and Linux/Unix shell script trainer. Receive the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly by email.ubuntu 20.04 wireguard,ubuntu 20.04 wireguard client,wireguard server setup,ubuntu wireguard,wireguard home vpn,wireguard vs openvpn,wireguard server gui,wireguard server windows

Share:

administrator