Docs / Networking / Setting Up WireGuard VPN on Linux

Setting Up WireGuard VPN on Linux

By Admin · Feb 25, 2026 · Updated Apr 23, 2026 · 27 views · 1 min read

What is WireGuard?

WireGuard is a modern, fast, and simple VPN protocol. It uses state-of-the-art cryptography, has a tiny codebase, and outperforms OpenVPN and IPSec in both speed and simplicity.

Installation

sudo apt update
sudo apt install -y wireguard

Server Setup

# Generate server keys
wg genkey | tee /etc/wireguard/server_private.key | wg pubkey > /etc/wireguard/server_public.key
chmod 600 /etc/wireguard/server_private.key

Create /etc/wireguard/wg0.conf:

[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PrivateKey = SERVER_PRIVATE_KEY

PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = CLIENT_PUBLIC_KEY
AllowedIPs = 10.0.0.2/32

Enable IP Forwarding

echo "net.ipv4.ip_forward = 1" | sudo tee /etc/sysctl.d/99-wireguard.conf
sudo sysctl -p /etc/sysctl.d/99-wireguard.conf

Start WireGuard

sudo systemctl enable --now wg-quick@wg0

Client Configuration

[Interface]
Address = 10.0.0.2/24
PrivateKey = CLIENT_PRIVATE_KEY
DNS = 1.1.1.1

[Peer]
PublicKey = SERVER_PUBLIC_KEY
Endpoint = your-server-ip:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

Verify

sudo wg show

Was this article helpful?

Related Articles