Serverspace Black Friday
November 7, 2021
Updated July 19, 2022

How to Setup WireGuard VPN Client on CentOS

CentOS Linux VPN

WireGuard is an application that can provide a secure virtual private network (VPN), it is simple to use and setup. It uses strong cryptographic protocols and algorithms to cyph data. Designed exclusively for the Linux kernel, it can be deployed on Windows, macOS, FreeBSD, iOS and Android.

In our case we will use CentOS 8.3 for WireGuard setup.

How to set up the WireGuard VPN client:

Installing WireGuard Client on CentOS

Client installation is similar to server. Log in to your Linux server, after logging in, add the EPEL and Elrepo repositories to install the kernel modules and WireGuard tools.

sudo dnf install epel-release elrepo-release -y

Now let’s install WireGuard from epel repository:

sudo dnf install kmod-wireguard wireguard-tools

Generating Private and Public Keys

WireGuard works by encrypting the connection using a pair of cryptographic keys. The key pair is used by passing the public key to the other party, which can then encrypt its message so that it can only be decrypted with the corresponding private key. To secure two-way communication, each side must have its own private and public keys, since each pair provides only one-way messaging.

Generate a client public and private key pair by running the following command:

wg genkey | tee private.key | wg pubkey > public.key

After that, create a client configuration file, in the following directory:

sudo nano /etc/wireguard/wg0.conf

In the file type:

PrivateKey = <contents-of-client-privatekey>
Address =
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PublicKey = <contents-of-server-publickey>
AllowedIPs =

Notes: In the publickey line insert the server public key that we generated in the previous article and on the private key insert the client private key.

WireGuard Startup

To start the connection, type the following command:

sudo wg-quick up wg0


Now the client can communicate with the server, you can ping the server from the client with the command


How to Quickly Deploy a Website on WordPress on an Ubuntu Server

To find out the connection status, run the following command:

sudo wg show

You will get all the connection details as shown below

How to Quickly Deploy a Website on WordPress on an Ubuntu Server

Congratulations! Your client computer now has access to the VPN network.

3 out of 5
Аverage rating : 3
Rated by: 2
1101 CT Amsterdam The Netherlands, Herikerbergweg 292
+31 20 262-58-98
700 300
700 300
We use cookies to make your experience on the Serverspace better. By continuing to browse our website, you agree to our
Use of Cookies and Privacy Policy.