WireGuard Essentials
- Install Wireguard Ubuntu 20.04 +
- Install WireGuard on Ubuntu Pre 19.10
- Generate Server Keys
- Setup Firewall
- Enable Packet Forwarding
- Install Open Resolv
- Setup Server Interface
- Online Server Interface
- Generating Client Keys
- Add Client To Server As Peer
- Install QR Generator
- Generate QR Code
- Make WireGuard Auto Start Automatically
- Problems and Fixes
- Related
- Links
Install Wireguard Ubuntu 20.04 +
Works on Ubuntu 22.04
sudo apt-get update && sudo apt-get install wireguard -yInstall WireGuard on Ubuntu Pre 19.10
sudo add-apt-repository ppa:wireguard/wireguard
sudo apt-get update
sudo apt-get install wireguardGenerate Server Keys
umask 077
wg genkey | tee privatekey | wg pubkey > publickeySetup Firewall
sudo ufw allow 22/tcp
sudo ufw allow 51820/udp
sudo ufw enable
sudo ufw statusFor more information regarding UFW Firewall
Enable Packet Forwarding
echo "net.ipv4.ip_forward = 1 net.ipv6.conf.all.forwarding = 1" > /etc/sysctl.d/wg.confsysctl --systemAdditional info on IP Forwarding
Install Open Resolv
#Otherwies a client will fail
sudo apt install openresolvSetup Server Interface
sudo nano /etc/wireguard/wg0.conf[Interface]
Address = 10.100.100.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = ###
Online Server Interface
sudo wg-quick up wg0
#Query it it is running
sudo wg
ip addr show wg0Set the Interface to Start Automatically
sudo wg-quick down wg0
systemctl start wg-quick@wg0
systemctl enable wg-quick@wg0Generating Client Keys
sudo wg genkey | tee Client1-PrivateKey | wg pubkey > Client1-PublicKeyAdd Client To Server As Peer
#On the server
sudo nano /etc/wireguard/wg0.confadd the following under the line referencing the server private key
[Peer]
PublicKey = ###
AllowedIPs = 10.100.100.2/24
Install QR Generator
sudo apt install qrencodeGenerate QR Code (Optional)
qrencode -t ansiutf8 < Client1.confMake WireGuard Auto Start Automatically
sudo systemctl enable wg-quick@wg0
Problems and Fixes
This Problem occured on Ubuntu 18.04:
Note this method did NOT fix a Pi Zero W
sudo wg-quick up wg0 [#] ip link add wg0 type wireguard Error: Unknown device type. Unable to access interface: Protocol not supported [#] ip link delete dev wg0 Cannot find device "wg0"
Fix:
sudo apt purge wireguard-dkms && sudo reboot
sudo apt install wireguard-dkmsRelated
- Install WireGuard on PiKVM
- Install WireGuard on Raspberry Pi Zero W
- Install WireGuard on Raspberry Pi Raspbian
- Enable IP Forwarding in Linux
- UFW Uncomplicated Firewall
- VPN Only UFW Setup
- HMA VPN Linux Setup
Links
- -https://www.wireguard.com/
- -https://www.wireguard.com/repositories/
- https://git.zx2c4.com/