Gallery
Share
Explore

How to Create Your Own VPN Server

In today's digital world, online privacy and security are more important than ever. One of the best ways to safeguard your internet connection is by setting up your own Virtual Private Network (VPN) server. Running your own VPN server gives you full control over your data, enhances privacy, and bypasses geographic restrictions. This guide will walk you through setting up a VPN server on your own using OpenVPN and WireGuard.

Prerequisites

Before you begin, make sure you have the following:
A VPS (Virtual Private Server) or a dedicated server with a public IP address (such as from AWS, DigitalOcean, or ProHoster)
A Linux-based operating system (Ubuntu 20.04 or later recommended)
Basic knowledge of Linux commands
Root access to the server

Method 1: Setting Up OpenVPN

Step 1: Install OpenVPN

Update your system:
sudo apt update && sudo apt upgrade -y
Install OpenVPN and Easy-RSA:
sudo apt install openvpn easy-rsa -y

Step 2: Configure OpenVPN

Copy the example configuration files:
gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/server.conf
Edit the configuration file:
sudo nano /etc/openvpn/server.conf
Modify the following lines as needed:
port 1194
proto udp
dev tun
Enable IP forwarding:
echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

Step 3: Generate Certificates and Keys

Set up Easy-RSA:
make-cadir ~/openvpn-ca
cd ~/openvpn-ca
source vars
./clean-all
./build-ca
Generate a server certificate and key:
./build-key-server server
Generate Diffie-Hellman parameters:
./build-dh
Copy the generated files to the OpenVPN directory:
sudo cp ~/openvpn-ca/keys/{ca.crt,server.crt,server.key,dh2048.pem} /etc/openvpn/

Step 4: Start and Enable OpenVPN

sudo systemctl start openvpn@server
sudo systemctl enable openvpn@server

Method 2: Setting Up WireGuard (Recommended for Speed & Simplicity)

Step 1: Install WireGuard

Update your package list and install WireGuard:
sudo apt update
sudo apt install wireguard -y

Step 2: Generate Keys

Generate private and public keys:
wg genkey | tee privatekey | wg pubkey > publickey
Save the keys in /etc/wireguard/wg0.conf:
sudo nano /etc/wireguard/wg0.conf
Add the following:
[Interface]
PrivateKey = YOUR_PRIVATE_KEY
Address = 10.0.0.1/24
ListenPort = 51820
SaveConfig = true

[Peer]
PublicKey = CLIENT_PUBLIC_KEY
AllowedIPs = 10.0.0.2/32

Step 3: Enable IP Forwarding

echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

Step 4: Start and Enable WireGuard

sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0

Connecting Clients

To connect a client to your
VPN
, configure OpenVPN or WireGuard on your device with the corresponding configuration files. You may also need to open the necessary ports on your firewall (1194 for OpenVPN and 51820 for WireGuard).

Conclusion

Setting up your own VPN server allows you to have complete control over your online privacy. While OpenVPN offers strong security, WireGuard is a faster and simpler alternative. Choose the best option that fits your needs and enjoy a secure internet connection!
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.