How to Build Your Own VPN

  • Author: Safewoo
  • Date: 2024-12-06

VPN Protocols Overview

What is a VPN?

VPN stands for Virtual Private Network. It is a method to establish a secure tunnel between devices. In fact, many proxy methods are also referred to as VPNs. This article focuses specifically on Virtual Private Networks (VPNs).

When selecting a VPN, many users prioritize its ability to bypass network restrictions. The primary motivation for using a VPN is often to access geo-blocked content, circumvent censorship, or maintain online privacy in regions with strict internet controls. This demand is driven by a desire for unrestricted access to information and services, regardless of geographical location.

One of the most important things when choosing a VPN is how easy it is to set up and use. Windows and Android users usually have a lot of options to choose from, but the iOS App Store has stricter rules about VPN apps. This means that in some countries, like China, iOS users might need to change their App Store region to download certain VPN apps because of government restrictions.

If you want to get around firewalls and access the internet without restrictions, or if you're concerned about your privacy and don't want your traffic exposed on public networks like school or café Wi-Fi, you have a couple of options. You can either download a commercial VPN app from the app store, or if you're tech-savvy, you can set up your own VPN.

Buying a commercial VPN might seem like the easiest option, but it's packed with potential risks. Many cheap or even free VPNs are actually honeypots set up by governments or cybercriminals. Using these products is like running naked in front of them.

Setting up a personal VPN is a popular choice for those seeking more control over their online privacy and security. This article will explore the most common VPN protocols used for self-hosted VPNs.

Popular VPN Protocols

Let's dive into the most common VPN protocols:

PPTP

  • Depreciated, not recommended. Early VPN protocol, easy to set up, but not secure.

L2TP/IPSec

  • Secure, but slower than other protocols.
  • Supported by most devices, windows, macOS, iOS, Android, etc.
  • Mobile devices may have trouble connecting to L2TP/IPSec VPNs.

OpenVPN

  • Secure, fast, and stable.
  • Need to install a client.

IKEv2

  • Secure, fast, and stable.
  • Supported by most devices. Windows, macOS, iOS, Android, OpenWRT etc.
  • Mobike support, can switch between networks without losing connections.

WireGuard

  • New, secure, and fast.
  • Need to install a client.

Based on the comparison, IKEv2 strikes a great balance between security and speed, making it a popular choice for self-hosted VPNs. Its wide device compatibility and seamless mobile support are added bonuses and is a particularly good choice for mobile users who frequently switch between Wi-Fi and cellular networks.

While IKEv2 is a powerful protocol, setting up an IKEv2 VPN can be a complex task. It requires a deep understanding of networking protocols and configuration. The process of fine-tuning the configuration to ensure smooth connections on various platforms like Windows, macOS, iOS, and Android can be quite time-consuming.

Use safewoo.com to set up your own VPN

Preqrequisites

You only need a VPS (Virtual Private Server) to set up your own VPN. You can buy a VPS from Cloud providers like AWS, Google Cloud, or DigitalOcean.

Assuming you have a VPS with IP address 34.47.213.45 and username sam, authenticated via SSH key.

Easy way to set up your own VPN

Visit safewoo.com and follow the instructions to set up your own VPN.

  1. Select IKEv2 - EAP (Username and password) as the VPN protocol. Which is the easiest way for beginners.
  2. Input your VPS IP address and username, select SSH Private Key option, and paste your SSH private key.
  3. Click Create VPN and wait for the setup to complete.

The setup process will take a few minutes. Once the setup is complete, you will get Domain name, Username , and Password. You can use this account to connect to your VPN server from any device that supports IKEv2 VPNs.

Enjoy your VPN

Connect to your VPN with iOS

  1. Tag Settings->General->VPN & Device Management->Add VPN Configuration
  2. Select IKEv2 as the VPN type
  3. Enter the following information:
    • Description: A name for your VPN, e.g., My VPN
    • Server: The same Domain name provided earlier.
    • Remote ID: The same domain name provided earlier.
    • Local ID: Leave blank
    • User Authentication: Select Username
    • Username: The same Username provided earlier.
    • Password: The same Password* provided earlier.
    Add iOS VPN

Connect to your VPN with macOS

  1. Open System Preferences->Network
  2. Click the + button to add a new network connection
  3. Enter the following information:
    • Display Name: A name for your VPN, e.g., My VPN
    • Server address: The same Domain name provided earlier.
    • Remote ID: The sam Domain name provided earlier.
    • Local ID: Leave blank
    • User authentication: Select Username
    • Username: The same Username provided earlier.
    • Password: The same Password* provided earlier.
    Add macOS VPN

Connect to your VPN with Windows

NOTE The following steps are for Windows 10. The steps may vary for other versions of Windows.

  1. Open the Windows Settings app.
  2. Click on Network & Internet > VPN > Add VPN
  3. Enter the following information:
    • VPN provider: Windows (built-in)
    • Connection name: A name for your VPN, e.g., My VPN
    • Server name or address: The same Domain name provided earlier.
    • VPN type: IKEv2
    • Type of sign-in info: select Username and password
    • Username: The same Username provided earlier.
    • Password: The same Password* provided earlier.
    Add Windows VPN

Connect to your VPN with Android

NOTE Since the settings of different Android devices may vary, please refer to the mobile phone user manual for detailed instructions.

  1. Find the VPN settings in the phone settings.
  2. Add a new VPN connection.
  3. Select IKEv2/IPSec EAP_MSCHAPV2 or IKEv2 EAP or IKEv2 Username/Password as the VPN type.
  4. Input your Domain name, Username, and Password.

If your Android device does not support IKEv2 EAP, you can install the StrongSwan app from the Google Play Store.

  1. Install the StrongSwan app from the Google Play Store.
  2. Open the app and click Add VPN Profile.
  3. Enter the following infomation:
    • Server: The sam Domain name provided earlier.
    • VPN Type: select IKEv2 EAP (Username/Password).
    • Username: The same Username provided earlier.
    • Password: The same Password* provided earlier.
    • CA Certificate: click Select Automatically
    Add Android VPN
  4. Save the profile and connect to the VPN.

Table of Contents