New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Try to switch between them really fast in the middle of each request.
Otherwise I don’t know.
My advice is to think hardware, not software, because it's much simpler. Setup your router with VPN1 which makes all packages go through VPN1 by using something standard like OpenVPN configuration files. Then on your computer start the VPN2 with the proprietary software. This way you have VPN2 through VPN1.
If you want even more security, use Tor too; so it will be Tor through VPN2 through VPN1.
That's something I was also looking into. Any hardware/router recommendation?
Currently looking at OpenWRT & Mikrotik.
OpenWRT has packages you can install, including OpenVPN. You don't need to go into expensive stuff like Mirkrotik. This is a low-end community after all.
OpenWRT can be installed even on a cheap Raspberry Pi laying around (if you don't have a cheap router supporting latest version of OpenWRT due to RAM requirements).
OpenVPN on a router can be very challenging and slow.
Instead use wireguard on the router, to get much higher speeds. And then on your desktop you can run whatever.
Well was having a look at this. Running double OpenVPN between servers might be a little hard.
However you could do two things:
-Have two VPS. A and B.
A runs openvpn server.
B runs Wireguard.
Client connect to A -> A connect to B -> B to destination.
Another way is to run double VPN in your computer instead of connecting or bridging the servers.
Fire up Client Connection to A.
Fire up Client Connection to B.
I was reading that most likely it should work fine as long as you do one first then the other (in order).
Then there are the other ways (router and computer mix that you already know).
If security is the goal, and maybe there are ways to configure or setup this action to not happen, but usually decryption happen once data reached the VPN server. In theory... VPS 1 decrypt data then encrypt again and send it to VPS2. That might not be as effective as it should.
I also read that NordVPN offer double VPN. Some providers do.
Maybe completely forget VPN 1? If you do want your traffic to pass server 1, you may set up port forwarding on server 1, so you connect to VPN 2 via server 1.
How to: google "iptables port forwarding udp"
You'll probably need 2 wireguard interfaces on server 1, as I always end up having problems when I try to forward packets back onto the interface they came in on.
On server 1, you'll want to add 0.0.0.0 to the AllowedIPs for server 2 peer entry so that the default route is via the second server.
Then add an SNAT iptables rule, like this:
iptables -t nat -A POSTROUTING -s 192.168.99.0/24 ! -d 192.168.99.0/24 -j SNAT --to-source server1_wireguard_ip
That last IP address is the "external address" of server1, which will be the wireguard IP address that server2 knows for server1.
Server 2 would need a similar SNAT rule too, but this time using the real external address for that machine. So, something like this:
iptables -t nat -A POSTROUTING -s server1_wireguard_ip ! -d server1_wireguard_ip -j SNAT --to-source server2_external_ip
I would also question what the point of the second server is, but I can see some obfuscation edge cases, but in general it doesn't seem massively useful.
What is did for VPN to VPN...
home pc > windscribe VPN (desktop application) > chrome Browsec VPN (extention) > internet.
What I currently use:
Desktop -> OVPN desktop app -> VILFO (VPN Router made by OVPN folks) connected on Mullvad -> Internet
All wireguard.
You can find the ikuai router through Google. It has vpn access and vpn link as the exit. It also has the feature of specifying different line exits according to the source IP. What's more, since it can be installed on vps through dd, of course, it can also buy hardware routers
Thanks @everyone for your suggestions.
I have found a quick fix for now.
PC > Wireguard > Private Proxy > Internet
Future plan is to get a MikroTik/OpenWRT router for proper double VPN setup.
if you're looking for a cheap vpn router, these might be worth a look (openwrt based + "userfriendly" gui).
https://www.gl-inet.com/products/gl-mt300n-v2/
https://www.gl-inet.com/products/gl-ar300m/
until last year i had several vms with openwrt in proxmox, but at some point that was too much tinkering for me. now I use several of these gl inet routers in the local network and connect to the vps via them. if you want double vpn, you could set up a vpn through the computer and send the traffic through the vpn router.
You only need iptables to forward a port's traffic to destination port.
The easy way: tinc mesh vpn.
The hard way: bird2 + wireguard, at least what I use, for my gaming latency optimization.
I just ordered a MikroTik RouterBoard. It already supports OpenVPN and the latest firmware 7.6 supposed to have Wireguard.
I am still interested in your hard way setup.
I also meet similar problems. Thanks for all the comments!
I use this, to setup my wireguard mesh.
https://github.com/Ne00n/pipe-builder-3000
Plus, bird2 setup, that takes care of the routes.
https://github.com/Ne00n/bird-spawner-3000
You can in theory manipulate the ospf values/weight/cost so, that bird routes the traffic as you wish.
Setup is pretty stable so far, using it for my Japanese gaming.
i think is not that hard, just connect the 2 VPS togheter and make one route rules.
We need to test it, but yeah is possible without problems
I'm curious what the use case is and why you'd take the performance hit.
I am moving all my traffic through a single internet exchange then to the internet.
It actually makes my Internet faster and I get almost no packet loss in exchange for 5ms delay.
This is why I need the 1st VPN.
I want switch between multiple locations whenever needed and this is what the 2nd VPN interface will do. (Switch VPN profiles)
I don't to use any VPN company's service. I already have multiple VPS around the world that's been prepaid for years. Just gonna use them instead.
I won't argue if it works for you well enough, so I'll agree to disagree.
Update: Got a MikroTik RB. Wireguard is running perfectly on it.
The delay is 2ms from my PC to 1st VPN. (VPN on MikroTik)
2nd Wireguard on my PC is also running fine. But, I loose about 20% of the bandwidth speed when I connect to distance server with over 200ms ping.
It's been stable otherwise.