VPN hosted in Switzerland
Do you sometimes get the chills when you log into a public Wi-Fi? VPN can protect your traffic and Switzerlands laws can protect your data. Cost of hosting your own VPN on GCP is about $7 per month, you get $300 credits for the first year.
How to setup WireGuard
WireGuard connections are reliable and durable, latency is pretty low.
“Always free” f1-micro VMs are only available in us-west1, us-central1, us-east1
-
Login to your GCP console and create a new project.
-
Create a new VM (Compute Engine -> VM instances)
- Region: europe-west6
- Machine type: f1-micro
- Networking > Network tags:
wireguard-vpn
- Networking > Network Interface > External IP: “Create IP address” and reserve a static IP address.
- Networking > Network Interface > Turn on IP forwarding on the default interface.
-
SSH into the machine and run the wireguard-install installer. Make sure the PUBLIC_IP is the external IP of the machine.
|
|
-
After the installation finished you can use the QR code to setup WireGuard on your phone, but it does not work yet! We need to forward ports.
-
Create a new Firewall Rule (VPC network > Firewall rules)
- Target tags:
wireguard-vpn
- Source IP ranges: 0.0.0.0/0
- Ports: UDP 53133
- Target tags:
-
Test the connection. Restart the VM and check if it still works.
-
Setup a budget alert.
-
If google.com does not work change MTU, because Google
In the client config add MTU = 1360
to the [interface]
.
On the server change it for the interface:
|
|
It is also possible to deploy WireGuard as mesh between VPS servers so each VPS instance has each other VPS as peer, which is pretty awesome.
How to setup IPSec/Cisco VPN
-
Login to your GCP console and create a new project.
-
Create a new VM (Compute Engine -> VM instances)
- Region: europe-west6
- Machine type: f1-micro
- Networking > Network tags:
ipsec-vpn
- Networking > Network Interface > External IP: “Create IP address” and reserve a static IP address.
- Networking > Network Interface > Turn on IP forwarding on the default interface.
-
configure a startup script, or SSH into the machine and run it manually
|
|
-
Create a new Firewall Rule (VPC network > Firewall rules)
- Target tags:
ipsec-vpn
- Source IP ranges: 0.0.0.0/0
- Ports: UDP 500 and 4500
- Target tags:
-
Wait until Virtual machine is ready, like 5 minutes.
-
Test the connection. Restart the VM and check if it still works.
-
Setup a budget alert.
How to setup a full package
Algo VPN is a bunch of scripts that set everything up for you, with DNS block and resolver etc.