79.21 VPN vpn.ac wireguard

20230317

VPN.ac supports setting up your VPN using wireguard. Install the required packages:

wajig install wireguard resolvconf

Now log into your VPN.ac account to select WireGuard Manager under the Services menu. Add a new device and then download the zip file of all VPN server configurations. For those you want to use copy to /etc/wireguard/ and ensure they have read permission only for root (the directory owner).

unzip vpnac-wg-configs.zip
sudo cp japan.conf /etc/wireguard/
sudo chmod 600 /etc/wireguard/japan.conf

Then simply bring up the WireGuard connection:

wg-quick up japan

You will see something like:

[#] ip link add japan type wireguard
[#] wg setconf japan /dev/fd/63
[#] ip -4 address add 10.11.9.238/16 dev japan
[#] ip link set mtu 1420 up dev japan
[#] resolvconf -a tun.japan -m 0 -x
[#] wg set japan fwmark 51820
[#] ip -6 route add ::/0 dev japan table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] nft -f /dev/fd/63
[#] ip -4 route add 0.0.0.0/0 dev japan table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] nft -f /dev/fd/63

Visit https://ipx.ac/run to confirm the VPN is set up.

To disconnect:

wg-quick down japan

To check the status:

sudo wg show

and check for the latest handshake entry under peer. If present then the VPN is up.

interface: japan
  public key: jdhfuiehJHghhJGHGhGHGgHJGGTdgp+k58hjq72MxU0=
  private key: (hidden)
  listening port: 57223
  fwmark: 0xacc6

peer: Ip19fgfu5SKc5J+9GfgfJJh760Af1jggjfhgfjy3dX=w
  endpoint: 158.222.4.100:51820
  allowed ips: 0.0.0.0/0, ::/0
  latest handshake: 1 minute, 6 seconds ago
  transfer: 88.67 MiB received, 3.43 MiB sent
  persistent keepalive: every 25 seconds

The Ubuntu Network Manager can also import the conf files to set up the wireguard VPNs. Under Settings and Network click the + next to the VPN and choose Import from file .... Click Add to add it to the available VPNs.

Although it’s not really required any more since NetworkManager does a good job of turning the VPN on and off and indicating when the VPN connection is active, the Gnome Shell extension WireGuard Indicator can be used to quickly enable/disable the VPN. Once the extension is enabled configure the desired VPN Services by specifying, for example, wg-quick@japan.service under Settings.

See the VPN.ac Wireguard on Linux document for details.



Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0