Setting Up a VPN Server on Ubuntu

Setting Up a VPN Server on Ubuntu

VPN services are currently especially popular among advanced users from countries with issues concerning freedom of speech and access to information, such as China, Belarus, and Russia. This guide will help you create your own VPN server using the simplest SSD VDS.

We will use L2TP/IPSec, a type of VPN tunnel supported by various operating systems and devices, including Apple iOS and Android.

Want to start using your own VPN right now?

Order any virtual server on SSD drives, enter the coupon VPN-ON-VDS, and receive a permanent 10% discount! If you prefer OpenVPN, we have ready-made templates for a quick setup.

Step 1: Order an SSD VDS

Choose Ubuntu as the operating system. The simplest plan with 512MB of memory will suffice. The OS installation takes about 5-7 minutes, after which you’ll receive your VDS access details via email. Use any SSH client, such as PuTTY, to proceed with the setup.

Step 2: Install Necessary Applications

Run the following command:

apt-get install openswan xl2tpd ppp

During installation, decline automatic key generation.

Step 3: Configure IPSec

Edit the file /etc/ipsec.conf:

version 2.0

config setup
nat_traversal=yes
oe=off
protostack=netkey

conn L2TP-PSK
authby=secret
pfs=no
rekey=no
type=tunnel
esp=aes128-sha1
ike=aes128-sha-modp1024
ikelifetime=8h
keylife=1h
left=185.14.XX.XX
leftnexthop=%defaultroute
leftprotoport=17/1701
right=%any
rightprotoport=17/%any
rightsubnetwithin=0.0.0.0/0
auto=add
dpddelay=30
dpdtimeout=120
dpdaction=clear

Make sure to specify your VDS’s IP address in the parameter left=.

Step 4: Add Encryption Key

In /etc/ipsec.secrets, add your desired key:

%any %any: PSK "TestSecret"

Step 5: Configure L2TP

Open /etc/xl2tpd/xl2tpd.conf and set the contents to:

[global]
ipsec saref = yes

[lns default]
ip range = 192.168.1.231-192.168.1.239
local ip = 192.168.1.230
refuse chap = yes
refuse pap = yes
require authentication = yes
ppp debug = no
pppoptfile = /etc/ppp/options.xl2tpd
length bit = yes

Step 6: PPP Configuration

Edit /etc/ppp/options.xl2tpd:

require-mschap-v2
ms-dns 8.8.8.8
asyncmap 0
auth
crtscts
lock
hide-password
modem
debug
name l2tpd
proxyarp
lcp-echo-interval 30
lcp-echo-failure 4

Step 7: Set Up User Authentication

In /etc/ppp/chap-secrets, add:

* * TestPassword *

Step 8: Enable NAT

Open /etc/rc.local and add:

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE

Conclusion

Reboot the VDS using the command reboot. You can now set up your iPhone: Go to “Settings” -> “VPN” -> “Add VPN Configuration…” and fill in the fields. Your VPN setup is complete, and you can enjoy safe access to the Internet without restrictions.