Option 1:Using a Commercial VPN GUI CLI)

Setting up a VPN on Ubuntu can be done in several ways, depending on whether you want to use a commercial VPN service (like NordVPN, ExpressVPN, etc.) or set up your own VPN server (like OpenVPN or WireGuard). Below are the steps for both scenarios: Most VPN providers offer easy-to-use apps for Ubuntu.

Method 1: Install via GUI (Network Manager)

1. Get VPN credentials from your provider (e.g., OpenVPN config files or WireGuard keys).
2. Open Settings → Network → VPN → + Add VPN.
3. Choose the type (OpenVPN/WireGuard) and enter details:
   • For OpenVPN: Import .ovpn config files.
   • For WireGuard: Enter private key, public key, endpoint, etc.
4. Turn on VPN from the network menu.

Method 2: Install via Terminal (CLI)

Some VPNs offer CLI tools (e.g., NordVPN, ProtonVPN).

Example: NordVPN

1. Install:

   sudo apt update
   sudo apt install nordvpn

2. Log in and connect:

   nordvpn login
   nordvpn connect

Example: OpenVPN (Manual Setup)

1. Install OpenVPN:

   sudo apt update
   sudo apt install openvpn

2. Download .ovpn files from your VPN provider.
3. Connect:

   sudo openvpn --config /path/to/config.ovpn

Option 2: Setting Up Your Own VPN Server

If you want to host your own VPN (e.g., for remote access), WireGuard is the fastest and easiest option.

Install WireGuard on Ubuntu

1. Install WireGuard:

   sudo apt update
   sudo apt install wireguard resolvconf

2. Generate keys:

   umask 077
   wg genkey | sudo tee /etc/wireguard/private.key
   sudo cat /etc/wireguard/private.key | wg pubkey | sudo tee /etc/wireguard/public.key

3. Configure the server (/etc/wireguard/wg0.conf):

   [Interface]
   PrivateKey = <server_private_key>
   Address = 10.0.0.1/24
   ListenPort = 51820
   PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
   PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
   [Peer]
   PublicKey = <client_public_key>
   AllowedIPs = 10.0.0.2/32

4. Enable IP forwarding:

   echo "net.ipv4.ip_forward=1" | sudo tee -a /etc/sysctl.conf
   sudo sysctl -p

5. Start WireGuard:

   sudo systemctl enable wg-quick@wg0
   sudo systemctl start wg-quick@wg0

Configure Client Device

1. Install WireGuard on the client (Ubuntu, Windows, Android, etc.).

2. Create a client config (wg0.conf):

   [Interface]
   PrivateKey = <client_private_key>
   Address = 10.0.0.2/24
   DNS = 8.8.8.8
   [Peer]
   PublicKey = <server_public_key>
   Endpoint = <your_server_ip>:51820
   AllowedIPs = 0.0.0.0/0
   PersistentKeepalive = 25

3. Import into WireGuard and connect.

Troubleshooting

• If VPN disconnects, check logs:

  journalctl -u wg-quick@wg0 -f

• If DNS leaks, use resolvectl or dnsmasq.

Would you like a more detailed guide for a specific VPN setup? Let me know! 🚀