🔧 Server Side Setup (Debian / Ubuntu VPS)
Step 1: Install WireGuard
sudo apt update
sudo apt install wireguard -y
Step 2: Generate Server Keys
cd /etc/wireguard
umask 077
wg genkey | tee privatekey | wg pubkey > publickey
Step 3: Create Config File (/etc/wireguard/wg0.conf)
[Interface]
PrivateKey = <server-private-key>
Address = x.x.x.x/x # ip of your wireguard vpn server
ListenPort = 51820
[Peer]
PublicKey = <client-public-key>
AllowedIPs = x.x.x.x/x
Replace:
<server-private-key> = your privatekey
<client-public-key> = public key provided by the client
AllowedIPs = ip of your client
Step 4: Allow UDP Port 51820
sudo iptables -A INPUT -p udp --dport 51820 -j ACCEPT
Step 5: Start and Verify VPN Interface
sudo wg-quick up wg0
# Check status
sudo wg show
# Optional ping test
ping x.x.x.x
💻 Client Side Setup (Debian / Ubuntu)
Step 1: Install WireGuard
sudo apt update
sudo apt install wireguard -y
Step 2: Generate Client Keys
cd /etc/wireguard
umask 077
wg genkey | tee privatekey | wg pubkey > publickey
Note: Send the public key to the server administrator.
Step 3: Create Config File (/etc/wireguard/wg0.conf)
[Interface]
PrivateKey = <client-private-key>
Address = x.x.x.x/x # client ip
[Peer]
PublicKey = <server-public-key>
Endpoint = x.x.x.x:51820
AllowedIPs = x.x.x.x/x
PersistentKeepalive = 25
Replace:
<client-private-key> = result from cat privatekey
<server-public-key> = provided by server admin
AllowedIPs = public IP of your server
Step 4: Start the Tunnel
sudo wg-quick up wg0
# Optional: Enable on boot
sudo systemctl enable wg-quick@wg0
Step 5: Verify and Test
sudo wg show ping 10.10.10.1