New In Stock: Netherlands Bare Metal servers with instant deployment are now available! Place an order today.

Knowledgebase

How to install WireGuard on a VPS Server? Print

  • wireguard, vps, vpn, insall vpn
  • 11

Here's a guide to installing WireGuard on your VPS server. The steps may vary slightly depending on your VPS provider's Linux distribution. We'll cover Ubuntu as an example.

 

Prerequisites:

  • A VPS running a supported Linux distro (e.g., Ubuntu, Debian, CentOS, etc.)
  • SSH access to your VPS

Step 1: Update your repository

sudo apt update

Step 2: Install WireGuard

sudo apt install wireguard -y

Step 3: Generate keys

Use the following command to generate a private and public key pair for the server:

wg genkey | tee server_privatekey.pem | wg pubkey > server_publickey.pem

This creates two files:

  • server_privatekey.pem: Keep this file secure as it grants VPN access.
  • server_publickey.pem: You'll need this key to configure your WireGuard client.

Step 4: Create WireGuard configuration file

Use a text editor (e.g., nano) to create a file named wg0.conf (or similar based on your VPS provider's instructions) in the directory /etc/wireguard/:

nano /etc/wireguard/wg0.conf

Here's an example configuration (replace placeholders with your details):

[Interface]
PrivateKey = $(cat server_privatekey.pem)
Address = 10.0.0.1/24 (Replace with your desired VPN subnet)
ListenPort = 51820 (Standard WireGuard port)

[Peer]
PublicKey = (Paste your client's public key here)
AllowedIPs = 10.0.0.2/32 (Replace with your client's desired IP address)

Step 5: Enable forwarding

Edit the /etc/sysctl.conf file:

sudo nano /etc/sysctl.conf

Add the line:

net.ipv4.ip_forward=1

Save the changes and run:

sudo sysctl -p

Step 6 (Optional): Configure firewall

You might need to configure your firewall to allow traffic on port 51820 (WireGuard's default). Consult your VPS provider's documentation for specific firewall instructions.

Step 7: Start the WireGuard service

sudo systemctl enable [email protected]
sudo systemctl start [email protected]

Step 8: Configure your WireGuard client

  • Download and install the WireGuard client for your device (https://www.wireguard.com/install/).

  • Create a new WireGuard connection profile on your client.

  • Enter the following details in your client configuration:

    • Endpoint: Your VPS server's public IP address followed by port 51820 (e.g., your_server_ip:51820)
    • PrivateKey: Contents of your client's private key file (generated earlier)
    • PublicKey: Server's public key (server_publickey.pem)
    • AllowedIPs: Leave blank for full access to the server's network or specify a limited allowed IP range.

Step 9: Connect!

Activate the WireGuard connection on your client device. You should now be connected to your VPS server through the VPN tunnel.

Additional Notes:

  • Remember to replace placeholders in the configuration files with your specific details.
  • This is a general guide, and some steps might vary depending on your VPS provider's setup. Refer to their documentation for specific instructions.
  • For more advanced configurations, refer to the official WireGuard documentation: https://www.wireguard.com/quickstart/

Was this answer helpful?

« Back