1
VPN Server Setup/Administration / Your proxy/VPN setup that allow you to be active (not firewalled) peer?
« on: February 23, 2020, 03:46:06 AM »
Hello,
i tend to rather trust installing VPN server myself on the VPS (virtual Linux server purchased @n0nym0usly) than tunkey vpn service.
Problem is that i was always passive/firewalled peer when using P2P networks.
What is your setup so you are active? Is there any way to have self-hosted proxy server and being active peer? I am rather asking if you know some guide, not general advice "you have to port forward" as i already tried this and failed.
Please what do you suggest to become active peer while keeping high level of privacy/anonymity/security for low price?
My computer is Windows 10 and secondary computer is Linux.
----
Ontopic regarding OpenVPN alternative, Wireguard:
There is a WireGuard client for Windows 10 at https://www.wireguard.com/install/
It was "pre-alpha" for a while, but it looks like it's finally beta or stable now, and I've been using it on my Windows PC for about a week straight with no problems.
As for the port forwarding thing, it sounds like you are looking for the type of port forwarding described at https://cryptostorm.is/portfwd. The iptables rules we use to add the forwarding server-side are:
i tend to rather trust installing VPN server myself on the VPS (virtual Linux server purchased @n0nym0usly) than tunkey vpn service.
Problem is that i was always passive/firewalled peer when using P2P networks.
What is your setup so you are active? Is there any way to have self-hosted proxy server and being active peer? I am rather asking if you know some guide, not general advice "you have to port forward" as i already tried this and failed.
Please what do you suggest to become active peer while keeping high level of privacy/anonymity/security for low price?
My computer is Windows 10 and secondary computer is Linux.
----
Ontopic regarding OpenVPN alternative, Wireguard:
There is a WireGuard client for Windows 10 at https://www.wireguard.com/install/
It was "pre-alpha" for a while, but it looks like it's finally beta or stable now, and I've been using it on my Windows PC for about a week straight with no problems.
As for the port forwarding thing, it sounds like you are looking for the type of port forwarding described at https://cryptostorm.is/portfwd. The iptables rules we use to add the forwarding server-side are:
Code: [Select]
iptables -t nat -A PREROUTING -p tcp -d $inst --dport $port -j DNAT --to $ip:$port
iptables -t nat -A PREROUTING -p udp -d $inst --dport $port -j DNAT --to $ip:$port
where $inst is that OpenVPN instance's public IP (the one the internet sees you as having), and $ip is your internal 10.x.x.x IP, and $port is the port to forward. In our setup, because of the port striping feature described at https://cryptostorm.is/blog/port-striping-v2, only ports 30000-65535 can be used for forwarding, since the ones before that are reserved for the VPN. For OpenVPN, the forwarding gets removed using a --client-disconnect script, but with WireGuard there's no server-side way to determine if a client is disconnected, which is why the port fowarding stays for WireGuard users.