Released in 2015 WireGuard is a modern VPN protocol and has been highly praised for its simplicity, speed, encryption. It is design to be lightweight and efficient unlike older protocols like Openvpn or IPSec, WireGuard is much easier to set up ( only "OpenVPN access server" is easier) and also performs slightly better, particularly on mobile devices thanks to efficient handling of encryption.

Key benefits of WireGuard.

• High perfomance: WireGuard offering faster speeds compared to other VPN protocols while using less system resources.
  This makes it ideal for users looking for low-latency connections, wheather for streaming, gaming, or general browsing.
• Advanced Security: WireGuard uses modern sophisticated cryptographic (bla bla bla, seriously! :))techniques
  to ensure your online data remains secure and private. Its compact program code reduces
  the risk of vulnerabilities and make it easier to audit for security issues.
• Simple Setup: With a modern minimalistic design, WireGuard is easier to configure and manage compared to other protocols.
  Its clean, straightforward approach means you can have it up and running in no time.

In this guide, we'll explore how you can create Wireguard VPN server!

Setting up wireguard VPN server on Ubuntu system follow these commands:

Update your system:
sudo apt update && sudo apt upgrade -y
Install WireGuard from Ubuntu repositories:
sudo apt install wireguard -y
Create a directory to store public and private keys:
sudo mkdir -p /etc/Wireguard
Enter directory:
cd /etc/wireguard
Generate keys:
sudo wg genkey | tee server_private.key | wg pubkey | tee server_public.key
By this you get two key files in /etc/wireguard directory (you can open them to view a key with notepad)
Set permissions for private key:
sudo chmod 600 server_private.key
Create configuration file for WireGuard server:
sudo nano /etc/wireguard/wg0.conf Copy this configuration and add server private key:

[Interface]
PrivateKey = "server_private_key"
Address = 10.0.0.1/24 # This is the internal IP address of the WireGuard server
ListenPort = 51820
SaveConfig = true
# Enable IP forwarding
PostUp = ufw route allow in on wg0 out on eth0
PostUp = sysctl -w net.ipv4.ip_forward=1
PreDown = sysctl -w net.ipv4.ip_forward=0
PreDown = ufw route delete allow in on wg0 out on eth0

Next enable VPN to forward traffic:
sudo nano /etc/sysctl.conf
Uncomment the following line to enable ipv4 forwarding:
net.ipv4.ip_forward=1 exit and apply sudo sysctl -p
Allow WireGuard default port 5180 through firewall:
sudo ufw allow 51820/udp
Add rules to allow traffic to be routed through VPN interface:
sudo ufw route allow in on wg0 out on eth0
Start the WireGuard interface and enable it to run on startup:
sudo wg-quick up wg0
sudo systemctl enable wg-quick@wg0
Configure VPN clients:
wg genkey | tee client_private.key | wg pubkey | tee client_public.key
Create configuration file client.conf
sudo nano client.conf

[Interface]
PrivateKey = "Client_Private_Key"
Address = 10.0.0.2/24 # The client's internal VPN IP address
[Peer]
PublicKey = "Server_Public_Key"
Endpoint = "Server_Public_IP":51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25
Replace private and public keys generated earlier. Replace public IP with your VPS server IP.

Add client to the server and update server's configuration:
sudo wg set wg0 peer "Client_Public_Key" allowed-ips 10.0.0.2/32
Run the following command to see status of VPN:
sudo wg
Download client.conf (usually in root directory if not specified) to your device using scp or ftp client like fileZilla.
That's it your WireGuard server should be running and you can connect from your computer or device!

Why use WireGuard?

WireGuard is continually being improved by a global community of developers. However, while it excels in many areas, it may not be the best fit for all network environments due to ISP restrictions. Nonetheless, it remains a top choice for privacy-conscious individuals and businesses seeking a modern, efficient VPN protocol.