79.21 VPN vpn.ac wireguard

20230317

VPN.ac supports setting up your VPN using wireguard. Install the required packages:

wajig install wireguard resolvconf

Now log into your VPN.ac account to select WireGuard Manager under the Services menu. Add a new device and then download the zip file of all VPN server configurations. For those you want to use copy to /etc/wireguard/ and ensure they have read permission only for root (the directory owner).

unzip vpnac-wg-configs.zip
sudo cp japan.conf /etc/wireguard/
sudo chmod 600 /etc/wireguard/japan.conf

Then simply bring up the WireGuard connection:

wg-quick up japan

You will see something like:

[#] ip link add japan type wireguard
[#] wg setconf japan /dev/fd/63
[#] ip -4 address add 10.11.9.238/16 dev japan
[#] ip link set mtu 1420 up dev japan
[#] resolvconf -a tun.japan -m 0 -x
[#] wg set japan fwmark 51820
[#] ip -6 route add ::/0 dev japan table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] nft -f /dev/fd/63
[#] ip -4 route add 0.0.0.0/0 dev japan table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] nft -f /dev/fd/63

Visit https://ipx.ac/run to confirm the VPN is set up.

To disconnect:

wg-quick down japan

To check the status:

sudo wg show

and check for the latest handshake entry under peer. If present then the VPN is up.

interface: japan
  public key: jdhfuiehJHghhJGHGhGHGgHJGGTdgp+k58hjq72MxU0=
  private key: (hidden)
  listening port: 57223
  fwmark: 0xacc6

peer: Ip19fgfu5SKc5J+9GfgfJJh760Af1jggjfhgfjy3dX=w
  endpoint: 158.222.4.100:51820
  allowed ips: 0.0.0.0/0, ::/0
  latest handshake: 1 minute, 6 seconds ago
  transfer: 88.67 MiB received, 3.43 MiB sent
  persistent keepalive: every 25 seconds

The Ubuntu Network Manager can also import the conf files to set up the wireguard VPNs. Under Settings and Network click the + next to the VPN and choose Import from file .... Click Add to add it to the available VPNs.

Although it’s not really required any more since NetworkManager does a good job of turning the VPN on and off and indicating when the VPN connection is active, the Gnome Shell extension WireGuard Indicator can be used to quickly enable/disable the VPN. Once the extension is enabled configure the desired VPN Services by specifying, for example, wg-quick@japan.service under Settings.

See the VPN.ac Wireguard on Linux document for details.

---

Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0