WireGuard Server+Client Configuration

WireGuard

SERVER-SIDE

$ sudo apt install wireguard
$ sudo -i
$ cd /etc/wireguard/
$ umask 077; wg genkey | tee privatekey | wg pubkey > publickey
$ cat privatekey
( Save the key )
$ cat publickey
( Save the key )
$ sudo nano /etc/wireguard/wg0.conf

[Interface]
## VPN server private IP ##
Address = 192.168.6.1/24
 
## My VPN server port ##
ListenPort = 41194
 
## VPN server private key /etc/wireguard/privatekey ##
PrivateKey = (SERVER KEY)

$ sudo ufw allow 41194/udp
$ sudo ufw status
$ sudo systemctl enable wg-quick@wg0
$ sudo systemctl start wg-quick@wg0
$ sudo wg
$ sudo ip a show wg0

# Allows peers to see each other
$ sysctl -w net.ipv4.ip_forward=1; iptables -I FORWARD -i wg0 -o wg0 -j ACCEPT 

--------------------------------------------------------

CLIENT-SIDE

$ sudo apt install wireguard
$ sudo sh -c 'umask 077; touch /etc/wireguard/wg0.conf'
$ sudo -i
$ cd /etc/wireguard/
$ umask 077; wg genkey | tee privatekey | wg pubkey > publickey
$ cat privatekey
( Save the key )
$ cat publickey
( Save the key )
$ sudo nano /etc/wireguard/wg0.conf

[Interface]
## This Client's private key ##
PrivateKey = (CLIENT KEY)
 
## Client ip address - Change the '.2' ##
Address = 192.168.6.2/24
 
[Peer]
## Ubuntu 20.04 server public key ##
PublicKey = (SERVER PUBLIC KEY)
 
## set ACL ##
AllowedIPs = 192.168.6.0/24
 
## Your Server's public IPv4/IPv6 address and port ##
Endpoint = (SERVER GLOBAL IP):41194
 
##  Key connection alive ##
PersistentKeepalive = 15

$ sudo systemctl enable wg-quick@wg0
$ sudo systemctl start wg-quick@wg0
$ sudo systemctl status wg-quick@wg0

--------------------------------------------------------

SERVER UPDATE TO ACCEPT NEW CLIENT

$ sudo systemctl stop wg-quick@wg0
$ sudo nano /etc/wireguard/wg0.conf

[Peer]
## Client VPN public key ##
PublicKey = (CLIENT PUBLIC KEY)
 
## client VPN IP address (note the /32 subnet) - Change the '.2' ##
AllowedIPs = 192.168.6.2/32

$ sudo systemctl start wg-quick@wg0