Login

Forgot password?

We love free and open web!

Author Topic: Your proxy/VPN setup that allow you to be active (not firewalled) peer?  (Read 18492 times)

Offline postcd

  • Newbie
  • *
  • Posts: 1
    • View Profile
Hello,

i tend to rather trust installing VPN server myself on the VPS (virtual Linux server purchased @n0nym0usly) than tunkey vpn service.

Problem is that i was always passive/firewalled peer when using P2P networks.

What is your setup so you are active? Is there any way to have self-hosted proxy server and being active peer? I am rather asking if you know some guide, not general advice "you have to port forward" as i already tried this and failed.

Please what do you suggest to become active peer while keeping high level of privacy/anonymity/security for low price?

My computer is Windows 10 and secondary computer is Linux.

----

Ontopic regarding OpenVPN alternative, Wireguard:
There is a WireGuard client for Windows 10 at https://www.wireguard.com/install/
It was "pre-alpha" for a while, but it looks like it's finally beta or stable now, and I've been using it on my Windows PC for about a week straight with no problems.
As for the port forwarding thing, it sounds like you are looking for the type of port forwarding described at https://cryptostorm.is/portfwd. The iptables rules we use to add the forwarding server-side are:
Code: [Select]
iptables -t nat -A PREROUTING -p tcp -d $inst --dport $port -j DNAT --to $ip:$port
iptables -t nat -A PREROUTING -p udp -d $inst --dport $port -j DNAT --to $ip:$port
where $inst is that OpenVPN instance's public IP (the one the internet sees you as having), and $ip is your internal 10.x.x.x IP, and $port is the port to forward. In our setup, because of the port striping feature described at https://cryptostorm.is/blog/port-striping-v2, only ports 30000-65535 can be used for forwarding, since the ones before that are reserved for the VPN. For OpenVPN, the forwarding gets removed using a --client-disconnect script, but with WireGuard there's no server-side way to determine if a client is disconnected, which is why the port fowarding stays for WireGuard users.