Your Own VPN Server – Basic Guide on How to Start It
In 2019, traveling around Asia you might be trapped by access failure to Google tools, Facebook pages, and several other popular services. Actually, they just do not work in China and are blocked by the government. In addition to the unavailability of services in some countries, there is a certain problem with ordinary Internet website access. It is not always possible to buy a local SIM card, so you have to connect to Wifi networks in hotels, airports, and cafes. In fact, we do not know anything about these networks: who created them, how reliable they are and if anyone “tracks” us. That is the usual reason for using a VPN server connection.
The same thing happens in Western countries. If you carelessly connect to Wifi in a cafe or to any public networks, then we have bad news for you. You have no idea how safe these networks are, and, possibly, right now intruders who are sitting at a nearby table are tapping all your traffic.
Our Online Activity is Under the Threat
Using a VPN connection is the optimal solution as you are able to hide IP address. We get access to the resources blocked in the country and protect ourselves from traffic interception. There are two ways to implement it.
- Use a commercial VPN service, such as Nord VPN.
- Create your own VPN server.
For many people, commercial VPN usage is an unacceptable solution, so they may consider creating their own VPN server.
How to Start Your Own VPN Server
After surfing the Internet, we did not find any working instructions: most of them contained errors and none of them worked 100%. Alternatively, these instructions were sharpened for too specific cases, which are not suitable for the average user. In this regard, we decided to write these instructions. I hope it will help if you have the need to create your own VPN server.
Unfortunately, Windows and Android are not considered in this article. The instruction is primarily created for Linux and those who use iPhone, iPad, and Mac.
How VPN Works And Why You Need a VPN Server
When you start the Internet connection between your device and the VPN server, there is a special link established – the VPN tunnel. All data transmitted and received in this connection is encrypted. From this point, all your network activity is carried out through this tunnel, and you use the Internet as originally from the VPN server itself.
For your provider, Wi-Fi network administrator, or attackers who scan traffic on Wi-Fi networks, all your network activity looks like a single connection to a single IP address. This is all that is available to them. They will not be able to find out what exactly is happening inside it, because they simply cannot get “inside” the VPN connection. They can hack the VPN server itself and get access to your traffic, but it is obvious that no one will do this. In addition, hacking a well-protected VPN server is another challenge.
So, let us check what advantages a VPN connection offers.
- A VPN connection will provide security when connecting to unreliable Wi-Fi networks and is especially useful when traveling. Neither the Wi-Fi network administrator nor the attackers who scan the traffic will be able to understand which sites you go to, what data you transmit or receive.
- A VPN connection will provide access to resources blocked in your country or the country where you are currently located. Since the VPN server is located outside of your place, any web resources become available to you. Unless they are not blocked in the country where such a server is located.
- VPN connection hides traffic from the Internet provider and, accordingly, from the intelligence services of your country. For example, in Russia, there are already precedents for people putting into jail with just one comment on the social network. It seems that a law-abiding citizen has nothing to fear, however, in our opinion, this is a significant threat to personal security. After all, why would you give someone more information about yourself if you can give less?
Of course, you should not take the VPN as a panacea. You also should not think that using VPN you could start hacking or steal credit cards. Such activity is illegal and ambiguous. Secondly, they will very quickly find you by contacting the host who locates the VPN server and will hand over your real coordinates.
Therefore, by creating our own home VPN server, we, first of all, provide protection against intruders and a militarized system of the state, gaining freedom to use the Internet.
There are still several significant questions to VPN.
- Some websites will start to check where your VPN server is located. However, it is easy to fix. Since most often we visit sites through Google search, it is enough to configure it once, and from this moment you will get direction to sites from the place, you need.
- A substantial part advertising will start to appear for the country in which your VPN server is located. Some sites have learned to understand that in fact, you are a French-speaking user located in Germany, however, YouTube, for example, still does not know how to do it and shows video ads in German. However, sometimes it is even interesting: you can see what products and services are currently relevant in other countries.
- Some services block access for non-residents, so VPN will have to be temporarily disabled when using them. However, there is a simple tip to avoid it: just turn off the VPN, start the video in the service and immediately turn on the VPN back. Everything will work.
- Slow download speed. According to the measurements, this is true, but in practice, the drop in speed for normal usage is so insignificant that this disadvantage can be neglected.
Which Country to Locate Your VPN Server
The selection of country for your VPN server should be based on the following criteria.
- The shortest distance to you: it will provide less ping and loss in connection speed.
- The minimum number of restrictions on the freedom of the Internet, the availability of any popular services.
- The lack of political tension between your country and the country where the VPN server will be located.
In this case, your traffic from the VPN server most likely will not be tapped by the intelligence services of another state. However, many Russian users prefer to have a VPN server in the UK precisely because of the high tensions between countries. If something happens, the UK will never give traffic to Russian intelligence services. Therefore, this approach can also be justified.
Any European Union country will be suitable in general, however, practice shows that Germany is the best solution: excellent ping and channel stability, minor speed losses and good availability of any global resources. If we proceed from the principle of maximum traffic protection from intelligence services, then the best solution would be a server in the UK.
For sure, you can start the VPN server in your own country, but in this case, you lose most benefits. If making a VPN server in your country, you give all your traffic to the intelligence services of your country yourself, since the server located in your country is the subject of its jurisdiction. In addition, still blocked resources will not be available.
Which Hosting to Choose for Your VPN Server
In order to create our own VPN server, we need to rent a Virtual Private Server or a VPS from one of the hosting providers. Then, we will install Linux on it and make configurations.
Choosing a host is a personal matter: there are countless topics like “where it is better to take a virtual server for VPN” on the forums. The list of the most popular global hosting and SEO companies today is the following.
- Amazon Web Services;
It is more advisable to choose Amazon Web Services (AWS), mainly due to brand awareness, a large number of available geographical areas for server placement and high stability. In fact, many popular Internet services run on AWS, renting servers for their needs, for example, Facebook.
In our opinion, hardly anyone can compete globally with Amazon today. The company was a pioneer in cloud technologies and, in fact, opened this industry. The AWS provides many cloud-computing solutions for everyday usage, but we need a regular virtual server. Therefore, we have to check one of the AWS developments – Lightsail.
Lightsail is a simplified solution for creating virtual servers, unlike its elder brother EC2. It has a very simple interface, which even a beginner will understand, so for our purpose AWS Lightsail suits well. In general, you can rent a server from any company – this is the issue to consider.
How Much It Costs
Using an AWS Lightsail VPN server will cost you $ 3.5 a month. For this money, you get hardware with 512 MB of RAM. This option easily handles the VPN traffic of three devices. The first month at AWS will be completely free.
Why Debian – Not Ubuntu
We will start our VPN server on the basis of the Linux operating system Debian, and not Linux Ubuntu, which quite often appears in such instructions.
Ubuntu was originally a user system, not a server system. Therefore, Debian is as reliable and stable comparing to Ubuntu. We use Debian in all Internet projects over the past 10 years and have never had problems with it, getting phenomenal stability and loading speed.
VPN Connection Protocols
Today there are various VPN connection protocols, their detailed analysis is beyond the scope of this article. Among them, the most popular are IPsec IKEv2 and OpenVPN.
Both protocols are good and reliable, but we will use IKEv2, since OpenVPN, in our opinion, has a significant drawback that overlaps its other advantages. OpenVPN requires the installation of its app, which should always be running on devices, which is inconvenient to use and it additionally consumes the battery. IKEv2 is “incorporated” in iOS and macOS and is native for them, without requiring the installation of any additional software.
As the server, we should use Strong Swan – a popular VPN server for Linux.
Ready scripts for deployment of the VPN server: Algo, Streisand.
Today, there are many ready-made solutions for deploying your VPN server on the Linux platform. For example, the Algo script (for IKEv2) or Streisand (for Open VPN), which you just need to download, unpack and run on the server. These scripts install and configure all the necessary packages themselves and provide a working VPN server for you at the output.
Thus, we will create our own VPN server using the following technologies.
- AWS Lightsail as a virtual server;
- IKEv2 as a VPN protocol;
- Linux Debian as a server OS;
- strongSwan as a VPN server;
- Algo ready-made scripts.
We hope that this article helped you to start your own secure VPN server and got VPN configurations for your devices. Now all our traffic has encryption and is inaccessible neither by the provider nor by the Wi-Fi network administrator or the attackers who previously could tape us. Now we can freely connect to any Wifi networks without fear for our own data or have access to any resources blocked in the country.
In general, you can create as many VPN servers as you want and switch between them. If you often travel, you can create servers in those geographical areas where you most often visit: this will provide a lower ping and a higher data transfer rate. For measuring these parameters, it is convenient to use the Speed test application.
Feel free to share this article with friends on social networks. So, more people will be able to protect their data and feel secured on the global web.