Install WireGuard VPN on Ubuntu 22.04

by

This article is going to take you through on how to Install WireGuard VPN on Ubuntu 22.04. WireGuard is a communication protocol and free and open-source software for implementing encrypted virtual privatev networks (VPNs). It was created with the aim of ease of use, fast performance, and a small attack surface in mind. The WireGuard protocol uses UDP to transport data.

A VPN allows you to connect to untrusted networks as if they were private. It allows you to use your smartphone or laptop to surf the internet safely and securely when connecting to an untrusted network, such as the WiFi at a hotel or coffee shop.

How to Install WireGuard VPN on Ubuntu 22.04

  • Start by updating your system by running the following command on your terminal so as to Install WireGuard VPN on Ubuntu 22.04.
sudo apt update

Install WireGuard VPN on Ubuntu 22.04

  • Next run the command below to install WireGuard VPN on Ubuntu 22.04.
sudo apt install wireguard

Sample output

Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following additional packages will be installed:
  wireguard-tools
Suggested packages:
  openresolv | resolvconf
The following NEW packages will be installed:
  wireguard wireguard-tools
0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/86.6 kB of archives.
After this operation, 344 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Selecting previously unselected package wireguard-tools.
(Reading database ... 219661 files and directories currently installed.)
Preparing to unpack .../wireguard-tools_1.0.20200513-1~20.04.2_amd64.deb ...
Unpacking wireguard-tools (1.0.20200513-1~20.04.2) ...
Selecting previously unselected package wireguard.
Preparing to unpack .../wireguard_1.0.20200513-1~20.04.2_all.deb ...
Unpacking wireguard (1.0.20200513-1~20.04.2) ...
Setting up wireguard-tools (1.0.20200513-1~20.04.2) ...
wg-quick.target is a disabled or a static unit not running, not starting it.
Setting up wireguard (1.0.20200513-1~20.04.2) ...
Processing triggers for man-db (2.9.1-1) ...

Configure WireGuard on Ubuntu 22.04

  • Then run the command below to generate both a public and a private key..
wg genkey | tee /etc/wireguard/privatekey | wg pubkey | tee /etc/wireguard/publickey
  • Run the following command to see if both keys are created.
sudo ls /etc/wireguard
  • Display the content of private key using the following command.
sudo cat /etc/wireguard/privatekey
  • To display the content of private key use the command below.
sudo cat /etc/wireguard/publickey
  • Set the default route in the WireGuard configuration file by adding the configs below with your details.
  • Open the config file using the command below.
sudo nano /etc/wireguard/wg0.conf
  • Then add the configuration file.
[Interface]
Address = 10.0.0.1/24
SaveConfig = true
ListenPort = 51820
PrivateKey = Your-server-private-key-created-above
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
  • Press ctrl+s to save then ctrl+x to close the file.
  • To restrict access to root users exclusively, use the following command after making modifications to the configuration file.
sudo chmod 600 /etc/wireguard/{privatekey,wg0.conf}
  • Next enable wg0 interface using the following command.
sudo wg-quick up wg0
  • If you are using firewall in your system allow port 51820 using the command below.
sudo ufw allow 51820/udp
  • Enable WireGuard VPN on Ubuntu 22.04 to start on boot.
sudo systemctl enable wg-quick@wg0
  • Start WireGuard VPN using the command below.
sudo systemctl start wg-quick@wg0
  • WireGuard VPN should be running, verify using the following command.
sudo systemctl status wg-quick@wg0

Sample output

[email protected] - WireGuard via wg-quick(8) fo>
     Loaded: loaded (/lib/systemd/system/[email protected]>
     Active: active (exited) since Mon 2022-03-14 14:>
       Docs: man:wg-quick(8)
             man:wg(8)
             https://www.wireguard.com/
             https://www.wireguard.com/quickstart/
             https://git.zx2c4.com/wireguard-tools/ab>
             https://git.zx2c4.com/wireguard-tools/ab>
    Process: 941 ExecStart=/usr/bin/wg-quick up wg0 (>
   Main PID: 941 (code=exited, status=0/SUCCESS)

Mar 14 14:22:11 chat.itnixpro.com wg-quick[941]: [#] >
Mar 14 14:22:10 chat.itnixpro.com systemd[1]: Startin>
Mar 14 14:22:13 chat.itnixpro.com wg-quick[941]: [#] >
Mar 14 14:22:13 chat.itnixpro.com wg-quick[941]: [#] >
Mar 14 14:22:13 chat.itnixpro.com wg-quick[941]: [#] >
Mar 14 14:22:13 chat.itnixpro.com wg-quick[941]: [#] >
Mar 14 14:22:14 chat.itnixpro.com systemd[1]: Finishe>

Enable IP Forwarding

  • To enable IP forwarding, open /etc/sysctl.conf file and uncomment net.ipv4.ip_forward=1 line.

Run the following command to open the file.

sudo nano /etc/sysctl.conf

Then uncomment the line below.

net.ipv4.ip_forward=1

Press ctrl+s to save and ctrl+x to close the file.

  • After closing the file, run the following command to update changes.
sudo sysctl -p
  • You have reached the end of the article, Congratulations. You have learned how to Install WireGuard VPN on Ubuntu 22.04.

Read more about WireGuard VPN

Other Tutorials

Install Envoy Proxy on Ubuntu 22.04

Install Squid Proxy on Ubuntu 22.04

Install Mattermost on Ubuntu 22.04

System administrator | Software Developer | DevOps

Leave a Comment