Chris Long

2 minute read


I’ve been lagging behind on keeping my VPN servers up to date, but I was delighted to see that Trail of Bits’ Algo supports Wireguard VPNs (and has for quite awhile now).

Wireguard offers a few advantages over other types of VPNs but the main feature I wanted it for was faster connection negotiations. When using on-demand VPN connections, I don’t want to be waiting more than a few seconds for my connection to be available over VPN.

I recently returned from a two week vacation in Vietnam and Singapore and before I left I decided it was time to test out Wireguard.

Setting Up Algo VPN Severs

For the trip, I had the following requirements for my VPN:

  • Self-hosted
  • iOS and MacOS Support
  • On-demand support for Wifi networks
  • Quick VPN negotiations
  • Easy and quick to configure
  • Relatively cheap and fast

Algo fits the bill for all of these requirements.

The first step is simply to clone the git repo and install the requirements. After that, you just edit the config to add users (or devices):

# This is the list of users to generate.
# Every device must have a unique username.
# You can generate up to 250 users at one time.
users:
  - phone
  - laptop

For this trip, I decided to setup one US-based VPN using AWS lightsail and one APAC-based server using Vultr. Both servers cost ~$2.50 each per month to operate. All that’s needed is to provide Algo with AWS and Vultr credentials (in the form of keypairs and API keys respectively).

Configuring the Clients

MacOS and iOS Wireguard setups are completely painless. There’s a Wireguard app available on the AppStore that supports importing VPN configurations by QR code and/or config file.

iOS

It’s (obviously) easiest to import the config via QR code on iOS. Just navigate to algo/configs/x.x.x.x/wireguard and open up phone.png. From there, I enabled on-demand connectivity for all WiFi networks. It’s honestly really satisfying to see the VPN logo pop up as soon as you connect to a public wifi.

MacOS

The MacOS client is equally easy to set up - just import the tunnel from algo/configs/x.x.x.x/wireguard/laptop.conf and configure your On-Demand settings.

iOS

Parting Thoughts

If you travel or regularly connect to access points you don’t control, there’s no excuse not to be using On-Demand VPNs when Algo makes it this easy. For $2.50/month, trustworthy providers like AWS Lightsail make self-hosting secure VPNs fast and easy.

comments powered by Disqus