Set Up Your Own Wireguard VPN Server on Ubuntu 22.04
HTML-код
- Опубликовано: 29 сен 2024
- In this video, we have an exciting tutorial where we'll be setting up WireGuard VPN on Ubuntu 22.04, step by step. WireGuard is a modern, fast, and secure VPN protocol. Setting it up on Ubuntu is relatively straightforward, and I'll guide you through the process.
Get Kamatera VPS (30 days free trial)
zacs-tech.com/...
Get RedHosting VPS
zacs-tech.com/...
Get InterServer VPS
zacs-tech.com/...
Get Hawk Host VPS
zacs-tech.com/...
Register domain name
tinyurl.com/y8...
Commands
sudo nano /etc/sysctl.conf
sudo sysctl -p
sudo apt install wireguard
wg genkey | sudo tee /etc/wireguard/server_private.key | wg pubkey | sudo tee /etc/wireguard/server_public.key
sudo nano /etc/wireguard/wg0.conf
----------------------------------------------------------------------------------
[Interface]
Private IP address for the wg0 interface ##
Address = 10.0.0.1/24
VPN server listening port ##
ListenPort = 51820
VPN server private key ##
PrivateKey = ncjecndiuvndeivenokdmcdpo0dockecok
Firewall rules ##
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD
-------------------------------------------------------------------------------------------------------------
ip -o -4 route show to default | awk '{print $5}'
sudo chmod -R 600 /etc/wireguard/
sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0
sudo systemctl status wg-quick@wg0.service
wg genkey | sudo tee /etc/wireguard/client_private.key | wg pubkey | sudo tee /etc/wireguard/client_public.key
sudo nano /etc/wireguard/wg0.conf
-----------------------------------------------------------------------------------------------------------------------
[Interface]
VPN client private IP address ##
Address = 10.0.0.2/24
VPN client private key ##
PrivateKey = 0COkq1GMM86CmlF5blPFDYhU84iTX8iJ7lWoC1gLfnk=
[Peer]
VPN server public key ##
PublicKey = Znnnnnmjiio
VPN server public IP address and port ##
Endpoint = 192.168.122.101:51820
Route all the traffic through the VPN tunnel ##
AllowedIPs = 0.0.0.0/0
Key connection alive ##
PersistentKeepalive = 15
------------------------------------------------------------------------------------------------------------
[Peer]
Client public key ##
PublicKey = 6mmmmmmm
Client IP address ##
AllowedIPs = 10.0.0.2/24
-------------------------------------------------------------------------------------------------------
sudo systemctl restart wg-quick@wg0.service
sudo systemctl start wg-quick@wg0
DISCLAIMER: This video and description contain affiliate links, which means that if you click on one of the product links, I’ll receive a small commission. This helps support the channel and allows us to continue to make videos like this. Thank you for your support!
a vps isn't required, you can self host.
very unorganized I should say, you mdae this complicated than it needed to be
Best and easy 2FA to config?
Thank you so much for this tutorial!
I am running UFW on my ubuntu server, the IP tables commands which you created are for allowing the traffic or there is more to it?
Mate this is the BEST wireguard setup tutorial video I have seen on internet... Excellent!!!
If you're logged in as root, no need to use sudo.
Followed the instructions until this command: 'sudo systemctl start wg-quick@wg0'. The output is: 'client_loop: send disconnect: Connection reset'. After that I can no longer log in to my server
oh no you destroyed your net configs and restarted the service only way to fix it is to reset your install or if in a vps ask for support
Is it possible to install wireguard on a server that uses a SIM for the internet connection?
Thank you very much for your reply
how do you keep switching between client and server?
via SSH
Great Tutorial very accurate. Congrats and thank you !
Thank you
error in setup Firewall rules ##
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERAD
it's MASQUERADE not MASQUERAD at last line