Run It Yourself

2976 readers

1 users here now

Overlaps somewhat with /c/floss_replacement and /c/privacy; crossposts welcome

founded 4 years ago

MODERATORS

[email protected]

How do I make a vpn? (lemmy.ml)

submitted 4 years ago by [email protected] to c/[email protected]

9 comments fedilink hide all child comments

hey everyone! I'm back after taking some time off from certain things. before I start losing my mind from not having anything to do, I decided that I'm going to start being more "involved" in the online world. even if It'll take away some of my privacy a bit, also because I want to practice being less paranoid, I'm sure some of you know how this feels very well. and so far there's no clear answer to how you could become truly invisible. by the way, I now finally have my own fediverse social media account and my own website. there's no such thing as 'blogger' type fediverse platform so I chose something else for now.

moreover, here's the actual reason I came back online; can anyone tell me how I can make my own hosted vpn?

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 5 points 4 years ago (2 children)

From my experience wireguard is pretty easy to setup. For what purpose do you want to setup your own vpn though? If it is for privacy reasons this is probably a bad idea because most likely the server that will run the vpn software will be linked to you. And if you are the only person using your selfhosted vpn, it is trivial to identify you.

[–] [email protected] 3 points 4 years ago (1 children)

Can confirm that it's easy to set up. Also very fast.

[–] [email protected] 2 points 4 years ago (1 children)

I just set it up and it works. one more thing, I'm using TOR and wireguard seems to route all traffic through the vpn. is it possible to use it like a proxy?

[–] [email protected] 1 points 4 years ago (1 children)

You can adjust what traffic you wish to send over wireguard by adjusting allowed-ips peer attribute (assuming you're using wg-quick), e.g. if you only wish to send your lemmy.ml traffic over wireguard tunnel, then get the IP address(es) associated with lemmy.ml DNS name, and add them to allowed-ips attribute of your wireguard peer (in your local configuration), while removing the default route from there. With this reconfiguration tunnel, you will now have route(s) to lemmy.ml going over wireguard while rest of the traffic going via the default route. You can keep appending more routes to allowed-ips over time, and reloading tunnel configuration.

HTH

[–] [email protected] 1 points 3 years ago (1 children)

thanks. so pretty much I can't just like use certain programs with wireguard then. maybe I'll use this as an alternative though this is pretty complicated for certain apps like matrix. I'll just use up and down switch for now.

[–] [email protected] 1 points 3 years ago

For more flexibility, you can try with OS's support for that, e.g. Linux network namespaces, or setfib(1) in FreeBSD. AFAIK, there is nothing in Wireguard to do that other than what's possible with routing.

[–] [email protected] 2 points 4 years ago (1 children)

I did bought the server anonymously, does that help?

[–] [email protected] 3 points 4 years ago

Yes, that does help a little. But how much depends on your threat scenario: If you just don't want your ISP to know what you are doing or hide your true IP from some web site you are probably good but if you want to avoid online tracking the situation with a selfhosted vpn may even be worse as your server probably has a static IP address and makes you easy to identify. Also note that once you login into some website with and without vpn it is easy to connect you to your server.