How to setup a VPN server for avoiding geofencing?

Hi all, this is my very first topic here. Long time lurker of the youtube channel, first time posted in the forums, so feel free to correct me if I’m posting in the wrong location (I didn’t find any specfic guide).

I want to setup a VPN to circumvent geofencing right now. Living in Brazil, we have several content creators that are blocked right now in different sites (Twitter, Youtube, Facebook and others), and I’d like to use this opportunity to learn how to do it myself, but my knowledge of the theme is limited.

The requirements are kind of simple: be able to access the internet, using a VPN to set my my IP as one being from USA or Canada. I’d like to do this at either router level (currently an Archer C6, but I can change that if necessary) or at PC level for non-experts users (running Windows 10). If I could share the same solution on Android phones it would be great, but it’s not a must-have.

I’ve watched L1 Linux videos about Wireguard, but a few things are not 100% clear to me yet.

For example, do I need to buy/rent a server in US in order to run it ? (I’m assuming yes).
If so, which should be the specs, or how should I calculate it ?
Given that I want to consume Videos, is there a limitation I should be aware of when setting up one of these servers ?

I have a good bit of experience doing this for various reasons. To answer your questions:

Wireguard is fantastic. Easily my go-to VPN protocol.

Yes, you need to rent a server in the location you want to “exit” in.
The specs of the server itself don’t really matter all that much. I typically go with 1 core CPU, 1GB RAM, any size storage. The most important things to lookout for are bandwidth limitations, especially since you want to consume video.

Some great server providers I have used in the US in the past are Vultr, Linode, AWS(little complex), Azure, and Digital Ocean. There are tons to choose from though.

Feel free to PM me if you have any questions

It is more secure if you rent your own AWS server in the US to VPN to and route traffic from, but it is much easier and far more common for people in your situation to simply get a subscription from a VPN provider that has their own servers.
Check into Surfshark, NordVPN, Private Internet Access

I got around IRS website geofencing so we could do our USA taxes from here by just spinning up a copy of squid in azure to just proxy the https requests. It took me like 15 minutes.

Wireguard is fantastic. Easily my go-to VPN protocol.

Thank you @PocketSand17 , do you think the guide here from Level1 is enough or should I take any extra steps to make sure everything is well configured ? Sorry, I don’t have enough permissions to link the guide, but it’s the video yDgpBC7c1uY on L1’s Youtube channel.

Check into Surfshark, NordVPN, Private Internet Access

@EniGmA1987 will do, thanks! Any suggestion on which would be easier to use or safer ?

spinning up a copy of squid in azure to just proxy the https requests. It took me like 15 minutes.

@thro , thanks, that looks interesting as well. Do you have any guide you can share so I can take a look ?

@Machado I just skimmed the video and the instructions provided seem sufficient to get things working.

Also, what @EniGmA1987 said is true. You can probably get a subscription to the VPN provider of your choice for roughly the same amount of money. Though they may limit your bandwidth more than VPS providers will. YMMV

@PocketSand17 , I appreciate it! The other VPN providers I’ll test in order to recommend to family/friends, but I prefer the DIY route, so I’m going all in in the Wireguard stuff. I’m building a local VM to test this stuff before commissioning a new one at Linode, they seem to be the best option so far. That way I can try to automate if with an Ansible script, and just transpose the script from here to there for repeatability.

2 Likes

That’s the way to do it!

1 Like

One of my recent bookmarked sites: https://serverhunter.com .
You can filter to the specs you need. I got myself a small VM from buyvm recently through them.

One thing even easier than wireguard is to use something like Tailscale - where you can configure the VM as an exit node.

1 Like

Why not just use traditional VPN services and buy dedicated IP addresses from them? I use VPN a lot due to block issue and I usually verify my new IP address from https://whatismyip.live and similar websites and everything has been good for me so far.

@williamsmith , It would be easier, but the goal is two-folded: Learn something new and deploy the VPN with as much control over everything as needed. Using a 3rd party provider means I have to trust someone else more then I’m willing to right now.

@risk , thank you so much, sir! For now I’m running with Linode, but that may change easily in the near future.

@PocketSand17 , I’ve managed to find a good example on Github with some pre-made ansible scripts, and based my solution from there. I can’t post links yet, but this is the original author: GitHub - namm2/wireguard

In the end I did my own as it was a learning project for me, but now the VPN is working, and I get to choose the exit point and recreate the whole infrastructure in a few seconds.

It took me a couple of months to finish everything with all the side projects going on, but in the end, all is working thanks to you. You guys rock.

Thank you a lot!