VPN Setup
VPN Setup
Making a VPN Server
Credits to OnlyCS for the original Kajig and awsame for also helping
Prerequisites
To make a VPN server, you will need:
- A VPS running Ubuntu 20.04 (DigitalOcean Recommended)
- A Chromebook for testing
- Forwarded Ports
- 22
- 500
- 4500
- 53
- Basic Knowledge of Linux
- Downloading files online with
wget
- Modifying files on terminal
- SSH/SFTP
- Installing packages with
apt
- Basic knowledge of commands like
ls
,cd
, etc
- Downloading files online with
Installing and Configuring
Make sure ports 500 and 4500 are enabled and run sudo apt install strongswan strongswan-pki libcharon-extra-plugins libcharon-extauth-plugins libstrongswan-extra-plugins
Next, make sure to backup /etc/ipsec.conf
and then open it in vim
or nano
Replace the contents of the file with
backup /etc/ipsec.secrets
and replace its contents with:
Firewall & IP Routing
run these four commands:
Then run ip route show default
. You should get default via [your_server_ip] dev [device] proto static
Keep note of the text where I have left device. This could be something like eth0
or wlan0
Edit /etc/ufw/before.rules
above *filter
, insert (replacing DEVICE_HERE with your device name):
Below the *filter
section (below :ufw-not-local - [0:0]
):
In /etc/ufw/sysctl.conf
, bottom of the file
Restart ufw with:
Finally, start the VPN server
DNS Server with Pi-Hole
First, Install Pi-Hole:
curl -sSL https://install.pi-hole.net | bash
Make 1.1.1.1
(Cloudflare’s DNS) the upstream and enable the Web UI/Admin Panel
In your Browser, go to the server IP. Port 80 should be open.
Open the filter list: This is where we block URLs. Click the Regex Filter button
There are many regex filters, and they can be found here. Make sure to convert these to Regex to use them, as they are in Adguard format. Here is an example of some links in Regex format:
In the Admin Panel, go to Settings > DNS > Interface Settings. Select permit all origins. Scroll to the bottom and hit save
Troubleshooting
If you’re having trouble go to discord.gg/unblock and look for the making your own VPN server kajig for assistance.
A common error that occurs is that your VPN will connect, but you will have no internet connection. In this case, try: sudo iptables -I FORWARD 1 -j ACCEPT
Connecting with a Chromebook
- Go to chrome://flags and enable the ikev2 VPN flag
- Then open network settings and add a network connection
- Click built in VPN
- Click provider, then ipsec (ikev2)
- Click Authentication Type > Pre-Shared Key
- Click server hostname, then put the IP address
- Click the Pre-Shared Key and put the value you added in for the password in
ipsec.secrets
- In local identity, put your name or anything else
- In remote identity, put the server and click Connect.
You can now bypass web filters :D