Deploy | Docs Firezone Link Search Menu Expand Document

Deploy

Get started with Firezone in a few minutes by self-hosting on a supported platform


Firezone can be self-hosted on a server running a supported Linux distribution in a few minutes. This guide will walk you through the steps to get started.

Step 1: Environment Setup

Supported operating systems

Start by checking if your environment is listed on supported platforms. A kernel upgrade may be required to ensure WireGuard® is available.

Security settings

Ensure port forwarding is enabled on your firewall. The default Firezone configuration requires the following ports to be open:

  • 443/tcp: To access the web UI.
  • 51820/udp: The VPN traffic listen-port.

Note: Firezone modifies the kernel netfilter and routing tables. Other programs that modify the Linux routing table or firewall may interfere with Firezone’s operation. For help troubleshooting connectivity issues, see the troubleshooting guide.

Production deployments

Firezone requires the setup of a DNS record and matching SSL certificate for production deployments. See instructions here.

Step 2: Server Install Script

The easiest way to get started using Firezone is via the automatic installation script below.

bash <(curl -Ls https://github.com/firezone/firezone/raw/master/scripts/install.sh)

This will ask you a few questions regarding your install, download the latest release for your platform, then create an administrator user and print to the console instructions for logging in to the web UI.

install complete

Note: During install new firewall rules are added, which can interrupt the SSH connection. If this happens and you miss the admin instructions, reconnect to the server to run firezone-ctl create-or-reset-admin. This will re-create the admin user and output the address of the web UI to the console. We are actively working on a fix for this issue.

By default, the web UI can be reached at the IP or domain name of your server. You can regenerate the admin credentials using the firezone-ctl create-or-reset-admin command.

If the script fails, follow instructions for manual installation.

Step 3: Install Client Apps

Once successfully deployed, users and devices can be added to connect to the VPN server:

Troubleshooting

First, check our troubleshooting guide to see if your issue is covered there. If you are unable to resolve the issue:

After Setup

Congrats! You have completed the setup, but there’s a lot more you can do with Firezone.

Support us by: