Install WireGuard VPN Client Ubuntu 24.04

|
Published:
|
|

This guide will take you through how to install WireGuard VPN Client Ubuntu 24.04. If you are using WireGuard as your VPN server, then you might want to configure your end points as VPN clients.

To learn how to configure WireGuard VPN server on Ubuntu 24.04, follow the guide below;

Install WireGuard VPN Server on Ubuntu 24.04

Install WireGuard VPN Client Ubuntu 24.04

Run system Update

Run the commands below to update system package cache;

sudo apt update

Install WireGuard VPN Client Ubuntu 24.04

Next, execure the command below to install WireGuard VPN Client Ubuntu 24.04.

sudo apt install wireguard resolvconf -y

Configure WireGuard VPN Client on Ubuntu 24.04

Generate the WireGuard VPN Client Private and Public keys

In our previous guide to setup the WireGuard VPN server, we have already generated the keys for our test clients.

Hence, we will just copy the respective keys to the respective clients.

[[ -d /etc/wireguard/ ]] || mkdir /etc/wireguard/

In our setup, we have already copied the client keys to the respective clients;

On Ubuntu client

sudo ls -1 /etc/wireguard/
ubuntu.key
ubuntu.pub.key
wireguard.pub.key

Create WireGuard VPN Client Configuration

On each client system, create the configuration file. You would simply run the command below to create the configuration file.

Replace the client IP addresses and Private keys accordingly.

Ubuntu Client

sudo tee /etc/wireguard/wg0.conf << 'EOL'
[Interface]
PrivateKey = GODF2MimY+nATXMbjJUdCo19Q7edYEOg3PuegNSad1o=
Address = 10.8.0.20
DNS = 8.8.8.8

[Peer]
PublicKey = T6gaFyJEWRucHFzpJJFYPpFv6EH3r2lnXxLHMP8eshU=
AllowedIPs = 10.8.0.0/24
Endpoint = 192.168.56.104:51820
PersistentKeepalive = 20
EOL

Configure WireGuard VPN Server to Allow VPN Clients Connections

On your WireGuard VPN Server, you need to enable VPN clients peer to peer connections.

To enable this, you need to obtain the Public keys for each client. For example, in my setup, I have three clients whose public keys are generated already.

This has been done already in our WireGuard VPN Server setup. Check the link below;

Configure WireGuard VPN Server to Allow VPN Clients Connections

Running WireGuard VPN Client Service

On the WireGuard VPN Clients, you can start the service now either using the wg-quick or systemd!;

sudo systemctl start wg-quick@wg0

Checking the status;

systemctl status wg-quick@wg0
[email protected] - WireGuard via wg-quick(8) for wg0
     Loaded: loaded (/lib/systemd/system/[email protected]; disabled; preset: enabled)
     Active: active (exited) since Tue 2024-02-06 20:51:51 CET; 8s ago
       Docs: man:wg-quick(8)
             man:wg(8)
             https://www.wireguard.com/
             https://www.wireguard.com/quickstart/
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
    Process: 3600 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS)
   Main PID: 3600 (code=exited, status=0/SUCCESS)
        CPU: 28ms

Feb 06 20:51:51 noble-numbat systemd[1]: Starting [email protected] - WireGuard via wg-quick(8) for wg0...
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip link add wg0 type wireguard
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] wg setconf wg0 /dev/fd/63
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip -4 address add 10.8.0.20 dev wg0
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip link set mtu 1420 up dev wg0
Feb 06 20:51:51 noble-numbat wg-quick[3626]: [#] resolvconf -a wg0 -m 0 -x
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip -4 route add 10.8.0.0/24 dev wg0
Feb 06 20:51:51 noble-numbat systemd[1]: Finished [email protected] - WireGuard via wg-quick(8) for wg0.

Once done on all clients, check IP address assignment.

ip add show wg0
4: wg0:  mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none 
    inet 10.8.0.20/32 scope global wg0
       valid_lft forever preferred_lft forever

Verify Interconnection Between VPN Server and Clients

Confirm client connection to the server;

sudo wg
interface: wg0
  public key: ucQSU4bqZn0Pll+hgfLNZC8JNDMymOGifyiwp/iKIjc=
  private key: (hidden)
  listening port: 46230

peer: T6gaFyJEWRucHFzpJJFYPpFv6EH3r2lnXxLHMP8eshU=
  endpoint: 192.168.56.104:51820
  allowed ips: 10.8.0.0/24
  latest handshake: 40 seconds ago
  transfer: 476 B received, 628 B sent
  persistent keepalive: every 20 seconds

You can run the same command on the server as well.

Now, try to ping the vpn server on the client;

ping 10.8.0.1 -c 3
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=2.60 ms
64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=1.80 ms
64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=1.69 ms

--- 10.8.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 1.689/2.032/2.604/0.406 ms

Ping the client from the server;

ping -c 4 10.8.0.20
PING 10.8.0.20 (10.8.0.20) 56(84) bytes of data.
64 bytes from 10.8.0.20: icmp_seq=1 ttl=64 time=1.30 ms
64 bytes from 10.8.0.20: icmp_seq=2 ttl=64 time=2.03 ms
64 bytes from 10.8.0.20: icmp_seq=3 ttl=64 time=1.43 ms
64 bytes from 10.8.0.20: icmp_seq=4 ttl=64 time=1.82 ms

--- 10.8.0.20 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 1.302/1.646/2.033/0.293 ms

Your clients should now be able to communicate with each other.

And that concludes our guide on how to install WireGuard VPN client on Ubuntu 24.04.

SUPPORT US VIA A VIRTUAL CUP OF COFFEE

We're passionate about sharing our knowledge and experiences with you through our blog. If you appreciate our efforts, consider buying us a virtual coffee. Your support keeps us motivated and enables us to continually improve, ensuring that we can provide you with the best content possible. Thank you for being a coffee-fueled champion of our work!

Photo of author
Kifarunix
Linux Certified Engineer, with a passion for open-source technology and a strong understanding of Linux systems. With experience in system administration, troubleshooting, and automation, I am skilled in maintaining and optimizing Linux infrastructure.

Leave a Comment