I’ve been lagging behind on keeping my VPN servers up to date, but I was delighted to see that Trail of Bits’ Algo supports Wireguard VPNs (and has for quite awhile now).
Wireguard offers a few advantages over other types of VPNs but the main feature I wanted it for was faster connection negotiations. When using on-demand VPN connections, I don’t want to be waiting more than a few seconds for my connection to be available over VPN.
I recently had a vacation in Vietnam and Singapore and before I left I decided it was time to modernize my VPN servers.
Setting Up Algo VPN Severs
For the trip, I had the following requirements for my VPN: - Self-hosted - iOS and MacOS Support - On-demand support for Wifi networks - Quick VPN negotiations - Easy and quick to configure - Relatively cheap and fast
Algo fits the bill for all of these requirements.
The first step is simply to clone the git repo and install the requirements. After that, you just edit the config to add users (or devices):
# This is the list of users to generate. # Every device must have a unique username. # You can generate up to 250 users at one time. users: - phone - laptop
For this trip, I decided to setup one US-based VPN using AWS lightsail and one APAC-based server using Vultr. Both servers cost ~$2.50 each per month to operate. All that’s needed is to provide Algo with AWS and Vultr credentials (in the form of keypairs and API keys respectively).
Configuring the Clients
MacOS and iOS Wireguard setups are completely painless. There’s a Wireguard app available on the AppStore that supports importing VPN configurations by QR code and/or config file.
It’s (obviously) easiest to import the config via QR code on iOS. Just navigate to
algo/configs/x.x.x.x/wireguard and open up
phone.png. From there, I enabled on-demand connectivity for all WiFi networks. It’s honestly really satisfying to see the VPN logo pop up as soon as you connect to a public wifi.
The MacOS client is equally easy to set up - just import the tunnel from
algo/configs/x.x.x.x/wireguard/laptop.conf and configure your On-Demand settings.
If you travel or regularly connect to access points you don’t control, there’s no excuse not to be using On-Demand VPNs when Algo makes it this easy. For $2.50/month, trustworthy providers like AWS Lightsail make self-hosting secure VPNs fast and easy.