Set up VPN to bypass censorship (Client)
A secure and convenient way to transfer config files from server to client is magic-wormhole.
1. V2Ray
All of these commands should be run on the client, not the server.
Choose one of the clients here depending on your OS.
If you chose a GUI client, you can simply fill in the requested details from your server config file, or import a json file. Unfortunately, there are too many clients to provide accurate and timely support for each :(
To import a json file: Copy and fill in the template below to your config.json in your V2ray folder, replacing the all-caps values with your server's information (hostnames, etc). Note that you may have to adapt the config to work with your client of choice. There is (unfortunately) no universal config that will work with all clients.
Set your system's proxy settings to the SOCKS proxy defined in the config. If you used my config, it should be
localhost:10808
. Applications such as Proxy SwitchyOmega or Proxifier (paid) are good for setting proxy settings in browser only or globally (respectively).
2. WireGuard
- Copy the generated WireGuard configs from your server to your client.
- Connect using a WireGuard client by importing the config copied:
- You can edit the port in the config to whatever ports you configured on the server. The default config will work with 53/udp and 51820/udp
3. OpenVPN
Note: Not updated
Download an OpenVPN client, such as Pritunl or the Official OpenVPN client.
Copy the
.ovpn
files from your home directory on your server to your client device, and import it to your OpenVPN client.You can modify the
port
in each .ovpn file to 443 if 1194 is blocked on your network.
4. SSH Tunnel
- Requirements for SSH tunnel
- Linux & macOS: Nothing
- Windows: Windows Subsystem for Linux (ideally 2.0)
- Android: SSH Tunnel app and rooted device
- iOS: You're on your own
- Other platforms: if you have the ssh binary and a way to set a system proxy, the steps for Linux & MacOS will work.
- Linux & macOS: Nothing
- Command to establish SSH tunnel + SOCKS5 proxy endpoint (run in terminal or WSL):
ssh -CqN tunnel@YOURPUBLICIP -D 10808
or ssh -CqN tunnel@YOURPUBLICIP -D 10808 -p 443 # Use this on networks where port 22 is blocked. It will SSH over port 443. (Change the port as needed, as long as your SSH server is listening on your desired port.)
Then set your system proxy to localhost:10808
. Ctrl-C to terminate the tunnel (use -f flag to put the SSH session in the background).
- DigtialOcean has a good guide for this.