Like many of my most (and least) productive days at work, there comes a time when solitaire just doesn't cut it anymore and I sit there in frustration and think to yourself: "I'm a man, dammit. I should be playing REAL videogames." If you're anything like me, however, your place of work has foul content blockers stopping the wonderful and gracious steam store from even opening. A bloke can't even check discord on the wifi. What's the point of 2gbps internet if you can't send lightning fast reaction gifs? What bullshit. Thank Obama.
Anyways, like the true American patriot I am, I have to do something about this... This is basically against the constitution or something somehow. Lucky for me, I've been in the market for some new softawre to add to my newest server. I wrangled with openvpn with no success, I've entrusted like 9 dollars per month to the Swiss to no avail, I've even remoted into one of the servers to play games, but was left both disappointed and unsatisfied. Just as the encroaching darkness of actual workplace productivity began to surround my desk, a youtube video was reccomended to me. Our friends in India have given me an answer, extended an olive branch, shown me the light. That light was the color... of WIREGUARD!!!
Before we get into the super serious stuff, let's do a quick rundown on VPNs and why wireguard is good (just trust me bro).
A VPN or virual private network is a way to access resources on a secure netowrk or to redirect web traffic from one place to another. They are useful for avoiding content restrictions, because with a VPN, you're essentially rerouting traffic to a computer that does not suffer from restrictions, and that computer then sends the unrestricted data to your device. In a practicle sense, you can effectively avoid content blockers imposed by your government or organization. This means you can access the real internet instead of a filtered version.
Many VPN services advertise the ability to direct traffic to and from other countries, giving you the ability to not only bypass content restrictions, but benefit from another country's stronger laws and regulations on data privacy and security. I personally am a fan of Swiss vpn proxies for that reason.
A major enemy to VPNs are government or organizational firewalls. These are often custom tailored to block traffic to and from people in specific places, as well as stopping popular VPN protocols. This essentially blocks the VPN from sending you unfiltered traffic. For you, the user, this looks like either very slow connections that more often then not simply time out, or the vpn just outright failing to unblock content like it should. Though VPNs have become increasingly sophisticated and are able to be deployed using various methods and protocols, it is still very possible for them to be thwarted by someone savvy or experienced enough.
Wireguard is a VPN service that is meant to be very lightweight and user friendly, while still retaining the user's freedom to configure the server to their needs or standards. This is great because we are able to create our own proxy that is able to bypass restrictions one way or another, whereas if you paid for a VPN service and it doesn't work, you're just our 10-20 bucks for the month, and good luck getting them to help you bypass the restrictions with another protocol.
As one user describes it: "Imagine you run a physical cable between your house and your friends. Everyone can see there is a cable between you two, but they don't know what's inside, they just see 'the link'. Whatever you transmit it's secret. They can see a flow of information going through but it's all jibberish to everyone else."
This is because Wireguard uses a key system to encrypt the data being sent to and from the client and server devices. Keys are essentially super strong codes used to figure out what the nonsense you just recieved is actually supposed to mean. Key pairs are generally kept secret, since you don't want people just knowing the secret translator for your secret data.
Rundown over!
For free 99, a fraction of the agitation of openvpn, and some quick installations, YOU the layman can create your own vpn connection.
Firstly, you're going to want to install the ware on your server. If you don't know what a server is, it's just a computer that you leave running to do tasks in the background. Nothing fancy. This can be an actual desktop, an old laptop, or even a phone technically, but don't use that. I'm going to be giving instructions for debian 12, since I use that for my server. I highly reccomend it, I swear linux isn't hard, guys. After installing wireguard, you're going to want to open up terminal and run
sudo apt update
for good measure. This makes sure all your packages are up to date. If it says you have stuff to update, you can go ahead and do that, but wireguard should be fine at this point. Next, you can do what I did and use this quick istallation script to set up your first tunnel and client:
Next, we'll be installing a second piece of software that will turn data into a qr code for us to scan on mobile devices. Type this into your terminal:
apt install net-tools qrencode -y
NOW with the setupall finished, we can get into the serious part. Next, we are going to use a quick installation script to get everything up and running as fast as possible. The script is below. BUT!!! Do not just copy and paste this into your terminal, ok! You need to make sure that "your name" is whatever you want to name your first tunnel. This is important, because the client name is used for formatting the config (tunnel) file for when you want to add new users, and also so that you can better organize the client files.
wget https://raw.githubusercontent.com/Nyr/wireguard-install/master/wireguard-install.sh -O Your-Name.sh
As you can see, this script references a github page that you are free to audit on your own. I used it myself and my computer did not explode or nothin, so just trust this stranger behind your screen and run the code @~@
After running it, you have to run "bash yourname.sh" Once again, repalcing yourname with whatever you JUST typed in before. This will then prompt you to choose a port you'd like your server to listen from. The default port for this is 51820, and that works perfectly fine so just press enter unless you know what you're doing. You could change this if you know that port is already in use, you have all ports blocked except a specific few, or would like to listen for trafic on a specific port that is not the default. You'll then need to enter a name for your first client. For the sake of instruction, I'm going to pretend that this first client will be a cell phone or tablet, which is why we downloaded qrencode. We'll scan the qr code to easily and quickly get the info for our tunnel.
With our client named and whatnot, we'll pick our default DNS servers. Google is good. Hit "2" and press enter unless you have some other preference. Wait for the terminal to finish talking it up, then press enter again, and our qr code will pop magically appear. You can scan that with your device to access your brand new VPN server! I reccomend downloading the wireguard mobile app and importing a tunnl from that same qr code, as it will also provide you with important data and logs for monitoring the status of your connection as well as easily troubleshooting issues that may arise. For folks on debian, https://github.com/UnnoTed/wireguird is a wonderful gui for wireguard if you're scared of terminal or something. This also has logs and stats and stuff for the nerdily inclined. To create a new client, just enter "bash yourname.sh" and follow the same steps as the first time.
Now that we have our vpn set up, we can really stick it to the man and get unproductive.
OUTRO!