Comment on a VPN that is easily self-hostable and resistant to blocking?
mlg@lemmy.world 3 days ago
(I don’t need strong censorship resistance; it just has to work in offices and hotel WiFis.
Wireguard on 443 or OpenVPN + Stunnel on 443
Wireguard is easier to setup because there’s no OpenVPN app that packages stunnel (afaik), so you have to run 2 apps on your phone to make it work.
A server like caddy can also accept HTTPS traffic for some regular websites next to the VPN server.
Wireguard uses UDP, so just run whatever you want on 443 TCP with caddy (unless you want QUIC for some reason?)
Anything beyond that and you’d be looking at using a proper obfuscation solution like Shadowsocks or obfs4, in which case you should look into Amnezia or Tor bridges.
pr3d@eviltoast.org 2 days ago
I think I will stick to wireguard on port 443/udp. Hope UDP is open in strict networks. Maybe someone hasn’t heard of HTTP/3.
Everything else sounds not necessary because I don’t travel to china or similar. stunnel needs termux on android in-between? This adds too many moving parts IMO.
AmneziaWG will enter wg-easy in v16 and WG Tunnel already supports it. Don’t know how hard it it to configure, but the Jc, Jmin, Jmay, … settings in WG Tunne look confusing.