This guide will take you through how to install WireGuard VPN Client Ubuntu 24.04. If you are using WireGuard as your VPN server, then you might want to configure your end points as VPN clients.
To learn how to configure WireGuard VPN server on Ubuntu 24.04, follow the guide below;
Install WireGuard VPN Server on Ubuntu 24.04
Table of Contents
Installing WireGuard VPN Client Ubuntu 24.04
Run system Update
Run the commands below to update system package cache;
sudo apt update
Install WireGuard VPN Client
Next, execure the command below to install WireGuard VPN Client.
sudo apt install wireguard resolvconf -y
Configure WireGuard VPN Client
Generate the WireGuard VPN Client Private and Public keys
In our previous guide to setup the WireGuard VPN server, we have already generated the keys for our test clients.
Hence, we will just copy the respective keys to the respective clients.
[[ -d /etc/wireguard/ ]] || mkdir /etc/wireguard/
In our setup, we have already copied the client keys to the respective clients;
On Ubuntu client
sudo ls -1 /etc/wireguard/
ubuntu.key
ubuntu.pub.key
wireguard.pub.key
Create WireGuard VPN Client Configuration
On each client system, create the configuration file. You would simply run the command below to create the configuration file.
Replace the client IP addresses and Private keys accordingly.
Ubuntu Client
sudo tee /etc/wireguard/wg0.conf << 'EOL'
[Interface]
PrivateKey = GODF2MimY+nATXMbjJUdCo19Q7edYEOg3PuegNSad1o=
Address = 10.8.0.20
DNS = 8.8.8.8
[Peer]
PublicKey = T6gaFyJEWRucHFzpJJFYPpFv6EH3r2lnXxLHMP8eshU=
AllowedIPs = 10.8.0.0/24
Endpoint = 192.168.56.104:51820
PersistentKeepalive = 20
EOL
Configure WireGuard VPN Server to Allow VPN Clients Connections
On your WireGuard VPN Server, you need to enable VPN clients peer to peer connections.
To enable this, you need to obtain the Public keys for each client. For example, in my setup, I have three clients whose public keys are generated already.
This has been done already in our WireGuard VPN Server setup. Check the link below;
Configure WireGuard VPN Server to Allow VPN Clients Connections
Running WireGuard VPN Client Service
On the WireGuard VPN Clients, you can start the service now either using the wg-quick or systemd!;
sudo systemctl start wg-quick@wg0
Checking the status;
systemctl status wg-quick@wg0
● [email protected] - WireGuard via wg-quick(8) for wg0
Loaded: loaded (/lib/systemd/system/[email protected]; disabled; preset: enabled)
Active: active (exited) since Tue 2024-02-06 20:51:51 CET; 8s ago
Docs: man:wg-quick(8)
man:wg(8)
https://www.wireguard.com/
https://www.wireguard.com/quickstart/
https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
Process: 3600 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS)
Main PID: 3600 (code=exited, status=0/SUCCESS)
CPU: 28ms
Feb 06 20:51:51 noble-numbat systemd[1]: Starting [email protected] - WireGuard via wg-quick(8) for wg0...
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip link add wg0 type wireguard
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] wg setconf wg0 /dev/fd/63
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip -4 address add 10.8.0.20 dev wg0
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip link set mtu 1420 up dev wg0
Feb 06 20:51:51 noble-numbat wg-quick[3626]: [#] resolvconf -a wg0 -m 0 -x
Feb 06 20:51:51 noble-numbat wg-quick[3600]: [#] ip -4 route add 10.8.0.0/24 dev wg0
Feb 06 20:51:51 noble-numbat systemd[1]: Finished [email protected] - WireGuard via wg-quick(8) for wg0.
Once done on all clients, check IP address assignment.
ip add show wg0
4: wg0: mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
link/none
inet 10.8.0.20/32 scope global wg0
valid_lft forever preferred_lft forever
Verify Interconnection Between VPN Server and Clients
Confirm client connection to the server;
sudo wginterface: wg0
public key: ucQSU4bqZn0Pll+hgfLNZC8JNDMymOGifyiwp/iKIjc=
private key: (hidden)
listening port: 46230
peer: T6gaFyJEWRucHFzpJJFYPpFv6EH3r2lnXxLHMP8eshU=
endpoint: 192.168.56.104:51820
allowed ips: 10.8.0.0/24
latest handshake: 40 seconds ago
transfer: 476 B received, 628 B sent
persistent keepalive: every 20 seconds
You can run the same command on the server as well.
Now, try to ping the vpn server on the client;
ping 10.8.0.1 -c 3
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=2.60 ms
64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=1.80 ms
64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=1.69 ms
--- 10.8.0.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 1.689/2.032/2.604/0.406 ms
Ping the client from the server;
ping -c 4 10.8.0.20PING 10.8.0.20 (10.8.0.20) 56(84) bytes of data.
64 bytes from 10.8.0.20: icmp_seq=1 ttl=64 time=1.30 ms
64 bytes from 10.8.0.20: icmp_seq=2 ttl=64 time=2.03 ms
64 bytes from 10.8.0.20: icmp_seq=3 ttl=64 time=1.43 ms
64 bytes from 10.8.0.20: icmp_seq=4 ttl=64 time=1.82 ms
--- 10.8.0.20 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 1.302/1.646/2.033/0.293 ms
Your clients should now be able to communicate with each other.
And that concludes our guide on how to install WireGuard VPN client on Ubuntu.
