1 Apr 2023
Hello! Today I would like to describe simple self-hosted VPN server setup.
There are many scenarios for using VPN. Probably most common is block bypass. This is especially important for countries with a totalitarian government(Russia, Belarus etc.). It also might be necessary for using some services, that blocking access for users outside the country.
Примеры использования VPN:
Simplest option would be use some 3rd party VPN service, like Proton VPN, Surfshark VPN etc.
THere is a review and comparison of VPN services: https://www.pcmag.com/picks/the-best-vpn-services
There is another option - buy VPS server and setup VPN server by yourself. Advantages:
There is a manual VPN server installation tutorial: https://freehost.com.ua/ukr/faq/articles/kak-ustanovit-i-nastroit-l2tp-vpn-servera-na-ubuntu-server/#3
Depends on usage scenarios. In most cases it would be enough to use cheapest low-power VPS. But also need to pay attention to virtualization type. I would recommend KVM.
I'm using https://hosting101.ru/ or similar hosting aggregator for choosing VPS provider.
Configuration complexity is the main disadvantage of self-hosted VPN. There are Linux administration skills, network configuration knowledge and VPN protocols understanding required. Another option is to precisely follow the instructions and hope that everything will work as expected. Anyway, these options won't be suitable for everybody.
There is a IPsec VPN Server Auto Setup Scripts, that can be used for automatic VPN server setup. It's a good option for setup self-hosted VPN quick and simple. Especially, if there are no specific requirements.
There is a simple command to install and configure VPN server:
wget https://git.io/vpnsetup -O vpnsetup.sh && sudo sh vpnsetup.sh
Or several commands, for custom username/password:
wget https://get.vpnsetup.net -O vpn.sh nano -w vpn.sh [Replace with your own values: YOUR_IPSEC_PSK, YOUR_USERNAME and YOUR_PASSWORD] sudo sh vpn.sh
There are tutorials for setup clients for any platform. I'm using this VPN server for a several years and tested it on almost all platforms. Several months ago I configured second server in different location.
It's very low risk. In theory, self-hosted VPN can be blocked by internet provider or government. There are technical details in article: https://habr.com/ru/post/710980/.
However, in reality internet provider won't do it without reason. And government wouldn't block private ip address, which is not mentioned anywhere. In case it will, it would be enough to configure VPN on another server. Blocking of all VPN traffic is also low risk, because VPN is widely used for many companies for remote access to infrastructure.
That's all for now. Thank you for your attention!