Ashutosh Singh for AWS Community Builders


FREE VPN with AWS

So, you want a free VPN to secure your connection, and you don't want a third party sneaking up behind you to see or steal your data. You are not alone; we all want that. The easy way is to buy a premium VPN, and there are tons of them out there, but they are paid, so let's have our own VPN.

Without further delay, let's get started.

PREREQUISITES

AWS ACCOUNT
LITTLE BIT OF LINUX

We are going to use the service named Lightsail here. Why? Well, first, we can run the server for free (3 months), even if you are well past your AWS free tier.

Let's go to the Lightsail console.

Let's create the Instance

We can use any OS (Amazon Linux 2, Ubuntu); we just need to know the WireGuard package name for it. Here I'm going with Ubuntu 20.04 LTS.

Choose the plan according to your needs and select it.

While waiting for the instance to be provisioned, let's go to the Networking tab and create a static IP for our VPN.

Name the static IP anything you like and choose the instance you want to attach it to.

Let's connect to the instance with SSH. Lightsail gives us both web-based and terminal-based SSH; for terminal-based access we need the key, so download the default key from the console and let's start executing some Linux commands.

PART II

Start the SSH connection



ssh ubuntu@<IP> -i <path-to-key>



Install WireGuard



sudo -i
apt update 
apt install wireguard -y


After installing it, we need to enable IP forwarding so that, once we are connected to the instance, we can still use the internet freely. Run the following command to do so:



vim /etc/sysctl.d/10-wireguard.conf



and add the following line



net.ipv4.ip_forward=1


After adding the line, execute the following command to apply it right away (the file under /etc/sysctl.d keeps the setting across reboots)



sysctl -p /etc/sysctl.d/10-wireguard.conf


After enabling IP forwarding, let's move to the WireGuard directory



cd /etc/wireguard


NOTICE (important): we are generating the keys for the server. Make sure that you don't share any private key from here.

Execute the following commands



# umask 077 (in a subshell) keeps the new key files readable by root only
(umask 077; wg genkey | tee server.key | wg pubkey > server.pub)


wg and wg-quick are command-line tools for interacting with WireGuard.
We will be using these files in our next step.

Now let's create the configuration file for our VPN. You can name the configuration file whatever you want, and an interface with the same name will be created, but the file name must end in .conf



vim vpn.conf


Add these lines to it



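[Interface]
Address = 10.1.1.1/24
ListenPort = 51820
# Paste the contents of server.key here, not the file name
PrivateKey = <server.key>
# NAT the VPN clients' traffic out through eth0; adjust if the instance's public interface has another name
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE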


Make sure you paste the contents of server.key (the file we created earlier) here.

Let's Enable the VPN

Run the following command to start it



systemctl enable --now wg-quick@vpn



Verify it's running successfully



systemctl status wg-quick@vpn



PART III

So our VPN server is now running, but we need to give users access. For that we would need to generate some more files using wg, but I love a GUI, so after doing some digging I found this amazing dashboard. Thanks to the author, I can do everything from the dashboard alone.

Install the Dashboard

Here is the GitHub link; let's clone the repo



git clone -b v3.0.6 https://github.com/donaldzou/WGDashboard.git wgdashboard


Change the directory and execute some commands



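cd wgdashboard/src
chmod u+x wgd.sh
./wgd.sh install
# Note: 755 makes everything under /etc/wireguard, including server.key and vpn.conf, readable by every local user
chmod -R 755 /etc/wireguard
apt install python3-pip -y
pip3 install -r requirements.txt
./wgd.sh start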


Make sure port 10086 is in use by running



netstat -tnlp



And we are done here
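
The steps above leave /etc/wireguard at mode 755 with the server's private key inside, and vpn.conf only works once the real key replaces the `<server.key>` placeholder. The shell functions below check both; they are an added example, not part of the original post or of WGDashboard, the function names are hypothetical, and the lockdown step assumes the dashboard keeps running as root as it does in this walkthrough.

```shell
#!/bin/sh
# Added example (not from the post or WGDashboard); function names are hypothetical.

# List regular files under $1 that group or others can read, write or execute.
wg_exposed_files() {
    find "$1" -type f \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \) | sort
}

# Owner-only access: 700 on directories, 600 on files.
# Assumption: every process that reads the directory runs as its owner (root here).
wg_lockdown() {
    find "$1" -type d -exec chmod 700 {} +
    find "$1" -type f -exec chmod 600 {} +
}

# Print the PrivateKey value from a wg-quick config (empty if there is none).
wg_private_key() {
    sed -n -e 's/[[:space:]]*$//' \
        -e 's/^[[:space:]]*PrivateKey[[:space:]]*=[[:space:]]*//p' "$1" | head -n 1
}

# True only if the value has the shape of a WireGuard key: 32 bytes in base64,
# i.e. 43 base64 characters plus one "=". A leftover <server.key> placeholder
# or a pasted file name fails this check.
wg_key_looks_valid() {
    wg_private_key "$1" | grep -Eq '^[A-Za-z0-9+/]{43}=$'
}

# Audit one directory; returns non-zero if anything needs attention.
wg_audit() {
    rc=0
    exposed=$(wg_exposed_files "$1")
    if [ -n "$exposed" ]; then
        printf 'accessible to other local users:\n%s\n' "$exposed"; rc=1
    fi
    for conf in "$1"/*.conf; do
        [ -f "$conf" ] || continue
        wg_key_looks_valid "$conf" || { echo "PrivateKey not set in $conf"; rc=1; }
    done
    return "$rc"
}

# Stand-alone use: sh wg-audit.sh /etc/wireguard
if [ "$#" -gt 0 ]; then wg_audit "$1"; fi
```

Run `wg_audit /etc/wireguard` as root on the instance; `wg_lockdown /etc/wireguard` followed by a second audit should then print nothing.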

Back to LightSail

Let's open these ports by going to the Networking tab:
51820 UDP
10086 TCP

PART IV

We are in the ENDGAME

Open the Dashboard by going to

public-ip-of-instance:10086

In my case, http://3.111.147.192:10086/

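Default credentials

username: admin
password: admin

Change these defaults right after your first login: the dashboard is served over plain HTTP on a port we just opened to the internet.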

After logging in, go to the Settings page and change the

Peer Remote Endpoint (This will be change globally, and will be apply to all peer's QR code and configuration file.)

from whatever value is there to the public IP of your instance, in my case 3.111.147.192

And then go to the Configuration page.

Click on the blue Add button on the lower right.
Add the username and download the file by clicking on the small green button.

Go to the WireGuard client, add the tunnel by importing the downloaded file, and click ACTIVATE.

If everything is right, you will be connected to the VPN; check your IP to verify it.

That's how we can have our own VPN.

If you have any questions, please feel free to ask in the comments.

Top comments (1)

ValentinHudson • Edited

I think that such a VPN will work stably. Users turn to VPNs and often choose free services because of the high cost of subscriptions or difficulty paying. Services are divided into paid and free, but you have to pay in any case - either money or information. Free applications can analyze site visits or impose advertising messages. Of course, this can also happen with paid services, so you should read the privacy policy and terms of service before paying. This has never happened with a VPN from namecheap.com/vpn/vpn-for-router/. Good luck with your promotion.