How do you set up a VPS as a VPN

TqR

Hello, I've watched a lot of videos and have a rough idea.
Was after a step by step guide, to creating a VPN from a VPS.
Thanks

swat4

You may use:

https://github.com/Nyr/openvpn-install

Credits and Kudos go to @Nyr

DP

Screw the videos.

• https://github.com/Nyr/openvpn-install
• https://github.com/Nyr/wireguard-install

Thank @Nyr for these.

budi1413

OpenVPN: https://github.com/Nyr/openvpn-install
Wireguard: https://github.com/Nyr/wireguard-install

Iroshan464

Or
https://github.com/Nyr/wireguard-install

For wireguard

DP

Behold the bold Nyr, control the globe slowly,
Proceeds to blow, swinging swords like Shinobi.
Stomp grounds and pound footprints in solid rock,
Nyr got it locked, performing live on your hottest block.

yoursunny

Debian 11 KVM

1. Install VPN server: sudo apt install wireguard

2. Edit config file: vi wg0.conf, then enter the following:

   [Interface]
   Address = 192.168.77.1/24
   PrivateKey = iBI3tdpNc3QTepcfU3tOX8TsFk6p2pNCM27IqmgUOnE=
   ListenPort = 51820
   MTU = 1420
   
   PostUp = iptables -I FORWARD -i wg0 -j ACCEPT
   PostUp = iptables -I FORWARD -o wg0 -j ACCEPT
   PostUp = iptables -t nat -I POSTROUTING -s 192.168.77.0/24 -o uplink -j MASQUERADE
   
   PreDown = iptables -D FORWARD -i wg0 -j ACCEPT
   PreDown = iptables -D FORWARD -o wg0 -j ACCEPT
   PreDown = iptables -t nat -D POSTROUTING -s 192.168.77.0/24 -o uplink -j MASQUERADE
   
   [Peer]
   PublicKey = vXycZlVYIQICX9rmyeQErP6Mwl5CLl4PJ470qz2jLUg=
   AllowedIPs = 192.168.77.2/32
   

   Here uplink is the network interface name that goes to the Internet.
   It's probably eth0 or ens3 on your server.
   You can see it with ip addr command.

3. Start VPN server: sudo wg-quick up ./wg0.conf

4. Download VPN client on your phone

5. Enter the following config:

   • Interface name: VPN
   • Interface private key: QIU2SXaa5LR5+/ssf4OC7TyELKhYmxQBpZ2iPG/zW3I=
   • Addresses: 192.168.77.2
   • Peer public key: tuk1I/TppNWYhT928bzu9Le9lrm3vvKAnwJBPShc0hc=
   • Endpoint: VPS IP address followed by :51820
   • Allowed IPs: 0.0.0.0/0

6. Click the toggle on VPN client app

If you need more than one client:

1. Run wg genkey | tee /dev/stderr | wg pubkey to generate another key.
2. Make another [Peer] section in the wg0.conf file, change IP address, and paste the second line.
3. In the client line, paste the first line in interface private key, paste the IP address in addresses box.

dahartigan

OpenVPN: https://github.com/Nyr/openvpn-install
Wireguard: https://github.com/Nyr/wireguard-install

Can't believe nobody mentioned these yet

TqR

@yoursunny, this is what I was looking for a one page set up, and how to make extra keys.
ty
do you know where I find the public key from the vps provider? what is it called, because I cant find it

yoursunny

@TqR said:
do you know where I find the public key from the vps provider? what is it called, because I cant find it

VPS provider doesn't give you keys.
You can make keys with wg genkey | tee /dev/stderr | wg pubkey command, or just copy paste the keys above.

TqR

@dahartigan said:
OpenVPN: https://github.com/Nyr/openvpn-install
Wireguard: https://github.com/Nyr/wireguard-install

Can't believe nobody mentioned these yet

Do you just dl the zip?

TqR

@yoursunny said:

@TqR said:
do you know where I find the public key from the vps provider? what is it called, because I cant find it

VPS provider doesn't give you keys.
You can make keys with wg genkey | tee /dev/stderr | wg pubkey command, or just copy paste the keys above.

Right, now that makes sense, because we had lessons on ocean and linode and I'm not going through those companies.
Thanks, that part was confusing

dahartigan

@TqR said:

@dahartigan said:
OpenVPN: https://github.com/Nyr/openvpn-install
Wireguard: https://github.com/Nyr/wireguard-install

Can't believe nobody mentioned these yet

Do you just dl the zip?

If you want to use Wireguard, open a new terminal and paste this:

wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh

If you want OpenVPN instead, open a new terminal and paste this:

wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

No need to download any zip, etc.

TqR

@yoursunny said:

@TqR said:
do you know where I find the public key from the vps provider? what is it called, because I cant find it

VPS provider doesn't give you keys.
You can make keys with wg genkey | tee /dev/stderr | wg pubkey command, or just copy paste the keys above.

Thanks for the offer, lol but I will be making my own keys..

dahartigan

@yoursunny said:

@TqR said:
do you know where I find the public key from the vps provider? what is it called, because I cant find it

VPS provider doesn't give you keys.
You can make keys with wg genkey | tee /dev/stderr | wg pubkey command, or just copy paste the keys above.

I find this slightly neater:

cd /etc/wireguard; wg genkey | tee privatekey | wg pubkey > publickey

Then you always have a handy reference stored in the pubkey and privatekey files.

TqR

@dahartigan said:

@TqR said:

@dahartigan said:
OpenVPN: https://github.com/Nyr/openvpn-install
Wireguard: https://github.com/Nyr/wireguard-install

Can't believe nobody mentioned these yet

Do you just dl the zip?

If you want to use Wireguard, open a new terminal and paste this:

wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh

If you want OpenVPN instead, open a new terminal and paste this:

wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

No need to download any zip, etc.

I want to change iso but need the vpn via vps. which one is preferred? keep looking at openvpn

TqR

@dahartigan said:

@yoursunny said:

@TqR said:
do you know where I find the public key from the vps provider? what is it called, because I cant find it

VPS provider doesn't give you keys.
You can make keys with wg genkey | tee /dev/stderr | wg pubkey command, or just copy paste the keys above.

I find this slightly neater:

cd /etc/wireguard; wg genkey | tee privatekey | wg pubkey > publickey

Then you always have a handy reference stored in the pubkey and privatekey files.

You do know what you are talking about! We got shown that too, but the long way of creating a file to put the keys into. Thanks

Logano

I always find creating a VPN easy with those scripts, but what do you guys do to get the pickier streaming services running? I always end up deleting my VPS because streaming sites still block me.

Xrmaddness

@Logano said:
I always find creating a VPN easy with those scripts, but what do you guys do to get the pickier streaming services running? I always end up deleting my VPS because streaming sites still block me.

I think a lot of services, like streaming platforms, block most datacenter IPs.

chocolateshirt

Bloody hell after so many comments why nobody mentioned this great script..

• OpenVPN - https://github.com/Nyr/openvpn-install
• Wireguard - https://github.com/Nyr/wireguard-install

Thank you @Nyr

rooted

Can somebody explain why no one mentions Outline VPN?

Logano

@rooted said:
Can somebody explain why no one mentions Outline VPN?

Hey thanks, I'd forgotten I wanted to try that.

Master_Bo

tinc?

Logano

So Outline works beautifully for me. Getting 35Mbps from the Vultr Seoul server which is plenty good for 1080p. Unfortunately, their IP range seems to be considered foreign by all my favorite streaming services lol. Will try Amazon Lightsail tomorrow.

What I like about it is that there's a bit of handholding with the keys, which I usually have a hard time with. Keys are easy to generate and send. The dashboard also gives you a traffic usage summary which is nice.

There were some hiccups installing on Ubuntu 21.10, but with easy fixes:

1. The script couldn't install Docker. Simple fix:

apt install docker.io

2. The ports I needed were firewalled by default (all ports were except for 22). Simple fix:

ufw allow 16245/udp
ufw allow 27001,16245/tcp

The ports above are mine. You'll get randomly assigned ports right after Outline's setup script finishes running, something like this:

Make sure to open the following ports on your firewall, router or cloud provider:
- Management port 27001, for TCP
- Access key port 16245, for TCP and UDP

Anyways, this is all good fun. I'll be pissed if it turns out that all the cheaper VPS providers in Korea are blocked, though.

Nyr

Thanks for all the love, guys

nobizzle

@DP said:
Behold the bold Nyr, control the globe slowly,
Proceeds to blow, swinging swords like Shinobi.
Stomp grounds and pound footprints in solid rock,
Nyr got it locked, performing live on your hottest block.

Wu Tang is for the children

SpeedTest

@TqR said:
Hello, I've watched a lot of videos and have a rough idea.
Was after a step by step guide, to creating a VPN from a VPS.
Thanks

Just follow this guide https://meoncloud.com/how-to/install-your-very-own-vpn-in-10-min/

DP

@nobizzle said:

@DP said:
Behold the bold Nyr, control the globe slowly,
Proceeds to blow, swinging swords like Shinobi.
Stomp grounds and pound footprints in solid rock,
Nyr got it locked, performing live on your hottest block.

Wu Tang is for the children

Yeah and Sean Kingston is for the grown-ups.

edoarudo5

Wireguard with Nyr's script. Outline.

skorupion

I use this:
https://github.com/angristan/wireguard-install

TqR

Thank you to everyone