Wireguard

This week I am going to setup a home VPN server using wireguard which is marketed as a simple to setup and easy to use VPN server. First will will need to install wireguard and for this demo I am using Ubuntu 20.04, run the command:

sudo apt install wireguard

Next we will complete the public and private keys, first we will make sure that only the correct user will be able to read the keys:

cd /etc/wireguard
umask 077
wg genkey | tee server_priv_key | wg pubkey > server_pub_key

Next we will enable some firewall rules using ufw. This is not needed if you are only connected on your home network.

ufw allow 22/tcp
ufw allow 51820/udp
ufw enable
ufw status verbose

Next we are going to set up the wireguard interface, this is completed in four commands:

ip link add wg0 type wireguard
ip addr add 10.0.0.1/24 dev wg0
wg set wg0 private-key server_priv_key
ip link set wg0 up

Next you can view your new wg interface with either:

wg
ip addr

Next we will add the peers to each other with this command, the first line is just an example of the needed information:

wg set wg0 peer <peer public key> allowed-ips <Private IP you set> endpoint <Public IP>:<port set>
wg set wg0 peer zQOSkB/pkfYNDnli7JXEN7FmOAvCEtUM0Ca5vtCaxF4= allowed-ips 10.0.0.1/32 endpoint 192.168.1.2:51820