Enhance your online privacy with a self-hosted OpenVPN or WireGuard VPN. Follow our guide for a secure & reliable setup, ditching public VPNs.
Advantages of Selfhosted private VPN
You will have full control unlike a public VPN where the servers and applications are owned and controlled by the VPN provider. This also eliminates the concerns of logging which most of them do. Another advantage is that you’ll get a dedicated IP assuming the server you pick has one. VPN providers often charge extra for a dedicated IP. In general, following are the advantages.
- Enhanced Privacy: Your data remains within your network, avoiding third-party servers and potential logging.
- Greater Control: You dictate the server location, encryption protocols, and user access, offering complete control over your VPN setup.
- Cost-Effective: After the initial setup, running your own VPN can be cheaper than commercial VPN subscriptions, especially for multiple users.
- Customization: Tailor the VPN to your specific needs, including choosing the operating system and software that aligns with your preferences.
- Security: Reduces reliance on external providers, minimizing potential vulnerabilities associated with third-party services.
- Flexibility: Access your home network and devices securely from anywhere, bypassing geo-restrictions and censorship.
- Data Ownership: Maintain complete control over your data, ensuring it's not stored or processed by external entities.
Prerequisites for Selfhosting VPN
- A server with public IPv4, even better if it has IPv6
- Supported OS - Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora
- Basic Linux skills
- Wireguard/OpenVPN client app.
VPN protocols used for Selfhosted VPN
Wireguard
My recommendation is to use Wireguard protocol. WireGuard is a modern VPN protocol known for its high performance, strong security, and efficiency. It uses advanced cryptographic techniques to ensure secure communication, while its streamlined codebase and modern design contribute to faster speeds and lower resource usage compared to older protocols like OpenVPN and IPSec.
OpenVPN
It is a widely used VPN protocol known for its flexibility and robust security features. It supports various encryption standards, making it adaptable to different security requirements. OpenVPN's open-source nature allows for extensive customization and compatibility across platforms. While it may not always match the performance of newer protocols like WireGuard, its long-standing reputation for security and reliability makes it a popular choice for many users and organizations seeking a trusted VPN solution.
Steps to setup private VPN under one minute
Both the above VPN protocols have well documented installation and configuration steps in their respective sites but it may not be suitable for everyone hence we will use a simple script to set these up. Setting up will take less than a minute provided all prerequisites are met.
Wireguard VPN tutorial
- Connect to the server via SSH
- From terminal, run the below command
wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh
- Complete the steps one by one. Select the IP. (In case the server has multiple Public IPs, pick one)
- Select port (leave it default or type any custom port you want, make sure it is not in use and available)
- When it asks for a name, type something like myVPN
- Select the DNS(leave it default if unsure)
- After the above step, press any key to start installation.
- Script will automatically install Wireguard and show a QR code which you can scan using Wireguard client app on a device with camera.
- It will also generate a Wireguard configuration file at the /root directory with name myVPN.conf that can be imported to any Wireguard client app.
- If scanning the QR code is not an option, you can download the configuration file and import it.
- Once it is added, just click connect and that’ll be all.
OpenVPN Tutorial
- Connect to SSH as before and run the below script and follow the prompts.
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
- There will be steps to select IP and Protocol. If you are not sure of an option, follow the default or recommended options.
- After selecting Port, DNS, the script will generate an OpenVPN Configuration file at the /root directory with extension .ovpn
- Copy or download the file and import to OpenVPN client. Enjoy!
Adding/removing users, uninstalling VPN
Run the respective script again to add more users or remove it completely from the server.
Conclusion
While it is so easy to run the script and create VPNs, you shouldn’t trust scripts available online and run them blindly on your server. Make sure they are trusted and from a reputed source. In this case, all the code is opensource and available on GitHub. Check WireGuard and OpenVPN. Also big thanks to Nyr who created and maintains this script.
COMMENTS