How to create your own VPN server on Windows, iOS and macOS

Recently, the abbreviation VPN has begun to sound more often and louder on the Internet. This is because this feature allows you to bypass various blocking by the provider or other regulators, as well as visit resources anonymously. But not everything is so simple – using the services of any VPN operator, the user entrusts all personal data entering and leaving the computer to this service. It can be extremely unsafe – we know what to do about it.

VPN (Virtual Private Network) – translates as a virtual private network and performs the functions of a private network in the truest sense of the word. Despite the popularity of VPN as a service for bypassing blocking, the initial task is to build corporate networks. For example, to connect enterprise employees to local services and equipment from the outside (from home, on vacation on the islands or in the country) – software , internal resources, printers, scanners, corporate communications, schedulers and other working “layer”.

That is, this is a kind of sandbox in which you can create an entire network or even an Intranet – the internal Internet of a company. For example, a network of one of the universities, connecting to which you can get access to unique resources – a library, a repository of scientific works, research, as well as various modules, services, programs and everything that a happy student can wish for.

How it works
The fact is that a VPN allows you to connect to all this just as easily, as if we were right at the router in the office and connected to it by wire. This requires only the support of technology from the device – it can be not only a computer, but also a smartphone and even a router. For example, an employee of a corporation, while on vacation in Sochi, can connect to a printer in the Novosibirsk office and print a confidential document directly, without moving the file through storages, clouds, and mail services.

Hence, by the way, the second well-known and useful thing is bypassing provider locks. Since a VPN allows you to connect from anywhere in the world and using any connection, then the network can be organized anywhere. For example, in Germany. Since the legislation of this country does not prohibit visiting sites entered in the register of another state, the user can connect to the VPN and use it as an “unblocker”.

What is needed for this
If we abstract from corporate VPN tasks and focus only on the ability to bypass blocking, then there are two ways to organize a network. The first is to set up a ready-made service that hundreds of companies provide. For example, Proton VPN – just register on the site, install the program on your device, log in and click the “Connect” button. Everything is easy and simple. But this “simplicity” has a significant drawback – security .

Since all traffic sent from our device is filtered by unknown people providing private network services, there is a huge chance of becoming a victim of confidential data leakage. For example, dishonest services steal passwords, bank card data, and in general everything that is transmitted through their servers. In this case, it remains to accept the situation or resort to method number 2 – organizing your own VPN network.

What’s the use?
Setting up a VPN on your own server gives you complete control over what happens on the network. This is at least a basic security theory – the user has the right to “raise” any software that encrypts, closes and mirrors traffic in the desired format. In the current realities, this is the most effective way to protect yourself from blocking by the provider, as well as to avoid data leakage. In addition, with your own VPN, you can safely connect to open access points in hotels, cafes and anywhere the network can be tapped.

 

In addition, in this case, the question of profit is also important – as a rule, renting a VDS (virtual server on the network) will cost less than purchasing a monthly subscription to a third-party VPN. At the same time, a “foreign” service does not guarantee stable operation during peak hours and almost always limits the maximum connection speed.

With a private server, everything is much better – traffic is not limited, the speed reaches hundreds of megabits, and there is no peak load, since only the owner of the network connects to it. Profitable, whatever one may say – let’s see how it’s done.

Provider search
Before creating a VPN, you need to decide on a platform that provides virtual server rental services. You can choose a service based on two indicators – the number of positive reviews in the network or the size of the community. The second, of course, is more important – the more users “spin” on this platform, the easier it will be to get feedback and help in setting up the server.

VDSina was chosen as an example for this material. This is a domestic service, which, unlike foreign ones, accepts “our” cards for payment. Moreover, the service has servers in the Netherlands – a favorite place for inveterate “vpnshchikov”.

We register, configure the server, select the desired country (only foreign ones are suitable for bypassing blocking) and click “Create”.

Provided that the necessary amount is available to start the tariff, the system will create a server and automatically configure it for use. After activating VDS, the data for connecting to the server will be sent to the mail specified during registration – this is a dedicated IP, login and password.

Everything, the server is ready for configuration. Let’s go further.

I don’t want to type a lot, I want everything at once
There are many boring and confusing instructions on the Internet that are relevant only with a specific version of the operating system and software. If the user installs another OS or uses a server rental service that is different from the one described in the instructions, then all the benefit of the step-by-step guide is reduced to zero. In short, there are no universal instructions, but there are nuances and pitfalls.

Therefore, you should not reinvent the wheel and torment the pupils with red eyes – we will use the Outline utility, which automates the process of setting up a VPN. The user will only need visual control and timely input of passwords, logins, numbers and letters. By the way, the jigsaw team, which is part of Google, is engaged in its creation. In general, it is safe and fast – what an inexperienced user who is hardly familiar with the computer’s command line needs.

We download the first part of the utility to the computer, which deals with setting up the server. This is the Outline Manager:

And we run:

The program can be automatically deployed on DigitalOcean, Google Cloud and Amazon Lightsail servers, however, all these services do not support payments with Russian bank cards, so we will have to do a little manual work. To do this, select the fourth item, fall into the manual settings and get a mini-instruction:

So, to set up a VPN, you need to install the Outline software from the server side. To do this, you need to paste the proposed command into the VDS command line, then copy the received command and paste it into the lower window. At this stage, we will have to postpone the configuration of the utility and move on to using the terminal.

Server Tuning
To configure a virtual computer, you can use the “grandfather” methods – connect remotely using utilities such as PuTTY or via the command line. However, this is not about ordinary users – give us everything simply and clearly. Therefore, we will use the built-in functionality in the server control panel. Go to the “Management” tab and select “Connect via VNC”:

A window with a black background will open in a new browser tab asking you to log in. We enter the data received in the letter and enter the system. For ease of entry, you can use the “Send to Console” button in the upper right corner.

Ready. Now you can insert the very command that the Outline utility provided us with. But, before installing the utility on the server, you need to update the system repositories and download the missing packages. To do this, we execute several commands in the console:

After the commands complete successfully, you can paste the text from the Outline into the command line and press Enter:

The console output is green and there is the very “phrase” required to continue setting up the Outline.
PS Most likely you will need to open ports for Outline access to the server. To do this, we perform a few more manipulations on the command line. Namely, install iptables and configure it by entering the following commands one by one:

Do not forget to press Enter after each command. After the work done, we return to the utility.

I do not want to print a lot, I want everything at once – continued
Finally, we returned to the native graphical interface, where everything is simple and clear. We enter the same green command in the second window:

And we get to the control panel:

That’s it, now you can relax and look forward to a quick connection via your own VPN channel. The only thing left to do is to create access keys for client devices. To do this, click the “Add a new key” button and send an invitation to the user who needs to be connected to the network. We will send a connection link to our mobile device.

We follow the link through a mobile browser that will offer to install the necessary utility.

The system redirects to the app store.

We install, agree with the proposals and observe the finished VPN.

Testing the work
For the sake of interest, let’s compare the connection speed – after all, the server promises a stable connection up to 1 Gb / s. True, you will have to make an adjustment for the distance to the server in kilometers – from the south of Russia to Amsterdam it will not work.

The first image is before connecting to the server, the second is after. Voila, fast and stable internet without borders is served! And as secure as possible within the framework of the VDS-landlord, the Outline utility and basic Linux security algorithms.