Setting Up WireGuard VPN

This guide explains how to set up WireGuard VPN on a cloud server for secure and fast communications between devices.

Introduction

WireGuard is a modern, simple, and fast VPN that uses state-of-the-art cryptography. In this guide, we will walk through the process of installing and configuring WireGuard on a cloud server, as well as connecting a device like a phone to the VPN.

Step-by-Step Guide

  1. Step 1: Install WireGuard

    First, install WireGuard on your cloud server by running the following commands:

    sudo apt update
    sudo apt install wireguard
  2. Step 2: Generate Server Keys

    Next, generate the private and public keys for your WireGuard server. The private key must stay secret on the server; client devices use the public key to authenticate the server.

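    sudo -i                 # root shell: /etc/wireguard is writable by root only
    cd /etc/wireguard/
    umask 077               # new files are readable by their owner only
    wg genkey | tee privatekey | wg pubkey > publickey
    exit                    # leave the root shell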
  3. Step 3: Configure WireGuard

    Now, create and edit the WireGuard configuration file on the server:

    sudo nano /etc/wireguard/wg0.conf

    Add the following content, replacing [YourPrivateKey] with the server's private key generated in Step 2, and [ClientPublicKey] with the public key of the client device configured in Step 6:

    [Interface]
    PrivateKey = [YourPrivateKey]
    Address = 10.0.0.1/24
    ListenPort = 51820
    
    [Peer]
    PublicKey = [ClientPublicKey]
    AllowedIPs = 10.0.0.2/32
  4. Step 4: Enable IP Forwarding

    Enable IP forwarding on the server so it can route traffic through the VPN. Edit the sysctl configuration:

    sudo nano /etc/sysctl.conf

    Uncomment the following line:

    net.ipv4.ip_forward=1

    Apply the changes:

    sudo sysctl -p
  5. Step 5: Start WireGuard

    Start the WireGuard interface:

    sudo wg-quick up wg0

    To enable WireGuard at boot, use the following command:

    sudo systemctl enable wg-quick@wg0
  6. Step 6: Configure Client Device

    On your client device (such as your phone), install the WireGuard app, and use the following configuration to connect:

    [Interface]
    PrivateKey = [ClientPrivateKey]
    Address = 10.0.0.2/32
    
    [Peer]
    PublicKey = [ServerPublicKey]
    Endpoint = [ServerIP]:51820
    AllowedIPs = 0.0.0.0/0

    Replace [ClientPrivateKey], [ServerPublicKey], and [ServerIP] with the respective values from your server and client keys.

  7. Step 7: Test the Connection

    Once the client configuration is complete, you can test the VPN connection by starting WireGuard on your client device. If everything is set up correctly, your device should route all traffic through the VPN.
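
A pre-flight check for the configuration files from Steps 3 and 6, added here as an example and not part of the original guide: `wg_conf_check` is a hypothetical helper name, and the key in the demo is constructed filler. It flags files that group or other can access, key fields that still hold a placeholder, and a /0 in a server-side AllowedIPs.

```shell
#!/bin/sh
# Added example, not from the guide: wg_conf_check is a hypothetical helper.
# Usage: wg_conf_check FILE server|client   -> returns 0 when no finding
wg_conf_check() {
    f=$1 role=$2 rc=0
    [ -r "$f" ] || { echo "$f: not readable"; return 2; }

    # The file holds a PrivateKey: group and other must have no access,
    # which is what the guide's `umask 077` gives newly created files.
    perms=$(ls -ld -- "$f" | cut -c5-10)
    [ "$perms" = "------" ] || { echo "$f: group/other bits set ($perms)"; rc=1; }

    # A WireGuard key is 32 bytes: 43 base64 characters plus one '='.
    # A leftover placeholder such as [YourPrivateKey] fails this shape test.
    n=$(grep -E '^[[:space:]]*(PrivateKey|PublicKey)[[:space:]]*=' "$f" |
        sed 's/^[^=]*=[[:space:]]*//; s/[[:space:]]*$//' |
        grep -Evc '^[A-Za-z0-9+/]{43}=$' || true)
    [ "$n" -eq 0 ] || { echo "$f: $n key value(s) are not valid keys"; rc=1; }

    # On the server, AllowedIPs also filters the source addresses a peer may
    # use inside the tunnel, so a /0 there lets one client claim any address.
    if [ "$role" = server ] &&
       grep -Eq '^[[:space:]]*AllowedIPs[[:space:]]*=.*/0([[:space:],]|$)' "$f"
    then
        echo "$f: server-side peer has a /0 in AllowedIPs"; rc=1
    fi
    return $rc
}

# Demo on a constructed server config; the peer key is filler of valid shape.
key=$(printf '%043d' 0 | tr 0 A)=
demo=$(mktemp)    # mktemp creates the file with mode 0600
cat > "$demo" <<EOF
[Interface]
PrivateKey = [YourPrivateKey]
Address = 10.0.0.1/24
ListenPort = 51820

[Peer]
PublicKey = $key
AllowedIPs = 10.0.0.2/32
EOF
wg_conf_check "$demo" server || echo "fix the findings before: wg-quick up wg0"
rm -f "$demo"
```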