Wireguard

Install Wireguard

Both Server/Client

sudo apt update
sudo apt install wireguard

Create Private key

wg genkey | sudo tee /etc/wireguard/private.key
sudo chmod go= /etc/wireguard/private.key

sudo cat /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key

Server:

sudo vim /etc/wireguard/wg0.conf 

[Interface]
Address = 10.0.0.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = xxxxx
PrivateKey = xxxxxxxxxxxxx

Make sure to use your correct interface in this case its eth0

Should be a 1 if its 0 you need to change it to 1

cat /proc/sys/net/ipv4/ip_forward
1

sudo vim /etc/sysctl.conf

Go to where net.ipv4.ip_forward=0 is and change the 0 to a 1. Make sure to uncomment it if its commented out. Write and save the file.

To read the file and load the new values for your current terminal session, run:

sudo sysctl -p

Output

net.ipv4.ip_forward = 1

Think you should also be able to do sudo sysctl -w net.ipv4.ip_forward=1

Reboot server

Bring up wg0 and make sure its running

wg-quick up wg0
sudo wg

Client: I'm doing name as a place holder you might have different conf files (vps.conf, work.conf, etc) so name them accordingly

sudo vim /etc/wireguard/name.conf

Add the following to name.conf

[Interface]
Address = 10.0.0.2/24
PrivateKey = xxxx
DNS = 1.1.1.1

[Peer]
PublicKey = xxxx
AllowedIPs - 0.0.0.0/0
Endpoint = serveriphere:port

Switch back to server and add client public key to wg0.conf

[Interface]
Address = 10.0.0.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp2s0 -j MASQUERADE
ListenPort = xxxx
PrivateKey = xxxx

[Peer]
PublicKey = xxxx
AllowedIPs = 10.0.0.2/32

Make sure wireguard automatically starts on server reboot

sudo systemctl enable wg-quick@wg0                                                                              
Created symlink /etc/systemd/system/multi-user.target.wants/[email protected] → /lib/systemd/system/[email protected].