5 Best Self-hosted VPN/Proxy Solutions in 2023

If you want to use VPN for whatever reason, it’s always easy to sign up for a commercial VPN provider like ProtonVPN. But sometimes, a self-hosted VPN server provides more benefits and this article will list the 5 best solutions.

5 Best Self-hosted VPN/Proxy Solutions

Self-Hosted VPN/Proxy Benefits

  • Dedicated IP Address
  • The No Logging policy of commercial VPN providers may not be trustworthy. With a self-hosted VPN, you can have total control of the server logging.
  • It allows you to set up an IP whitelist to secure web applications.
  • You can use the VPN server for many other tasks, like self-hosted cloud storage server.

But how do you get started with a self-hosted VPN? Which VPN protocol should you choose? Let’s discuss them!

1. OpenConnect VPN

OpenConnect VPN is an open-source implementation of Cisco AnyConnnect VPN protocol, which is widely used in businesses and universities.

Features:

  • Lightweight and fast.
  • Runs on Linux and most BSD servers.
  • Compatible with Cisco AnyConnect client
  • There is OpenConnect client software for Linux, macOS, Windows, and OpenWRT. For Android and iOS, you can use the Cisco AnyConnect Client.
  • Supports password authentication and certificate authentication
  • Supports RADIUS accounting.
  • Supports virtual hosting (multiple domains).
  • Easy to set up
  • Resistant to deep packet inspection (DPI). It’s based on HTTPS, so very good at penetrating firewalls.

Best For: Folks who need a VPN solution for bypassing national firewalls, or manage lots of VPN users, and also don’t want to sacrifice speed.

Setup Guide: Set Up OpenConnect VPN Server (ocserv) on Ubuntu 22.04 with Let’s Encrypt

2. OpenVPN

OpenVPN is an open-source, robust, and highly flexible VPN solution.

Features:

  • Runs on Linux and most BSD servers.
  • There is OpenVPN client software for Linux, macOS, Windows, Android, and iOS, and OpenWRT.
  • Supports RADIUS accounting.
  • Supports virtual hosting (multiple domains).
  • Easy to set up
  • Supports SSL/TLS security, ethernet bridging, TCP or UDP tunnel transport through proxies or NAT.
  • Support for dynamic IP addresses and DHCP
  • Scalability to hundreds or thousands of users
  • Supports conventional encryption using a pre-shared secret key (Static Key mode) or public key security (SSL/TLS mode) using client & server certificates

Setup Guide: How to Set Up OpenVPN with Stunnel on Ubuntu 22.04/20.04 Server

3. WireGuard

WireGuard is made specifically for the Linux kernel. It runs inside the Linux kernel and allows you to create fast, modern, and secure VPN tunnel.

Features:

  • Lightweight and super fast speed, blowing OpenVPN out of the water.
  • Cross-platform. WireGuard can run on Linux, BSD, macOS, Windows, Android, iOS, and OpenWRT.
  • User authentication is done by exchanging public keys, similar to SSH keys.
  • It assigns static tunnel IP addresses to VPN clients. Some folks may not like it, but it can be very useful in some cases.
  • Mobile devices can switch between Wi-Fi and mobile network seamlessly without dropping any connectivity.
  • It aims to replace OpenVPN and IPSec in most use cases.

Best For: Folks who want the fastest speed.

Setup Guide: Set Up Your Own WireGuard VPN Server on Ubuntu 22.04/20.04/18.04

4. SoftEtherVPN

SoftEther VPN is an open-source multi-protocol VPN software developed by the University of Tsukuba in Japan.

Features:

  • Super stable SSTP VPN Connection
  • Lightweight and fast.
  • Runs on Linux, FreeBSD, macOS, Solaris, and Windows servers, including support for X86, AMD64, ARM, PowerPC, MIPS architecture.
  • Supports multi-protocols, including traditional protocols like OpenVPN, L2TP, IPSec, SSTP, and the in-house SoftEtherVPN protocol, which is an HTTPS-based VPN protocol.
  • There is SoftEther client software for Linux, macOS, Windows, including support for ARM, PowerPC, and MIPS architecture.
  • NAT Traversal allows for running SoftEther VPN server behind a NAT without port forwarding. (enabled by default).
  • VPN over ICMP / VPN over DNS allows for establishing VPN connection by using ICMP or DNS even if the firewall or router blocks every TCP or UDP connection.
  • An HTML5-based modern admin console.

Best For: Folks who want multiple VPN protocols on the same server without manually setting up each one.

Setup Guide: How to Set Up SoftEther VPN Server on Ubuntu 22.04/20.04

5. V2Ray

V2Ray isn’t a VPN, but a proxy. V2Ray is a lightweight, fast, and secure Socks5 proxy. Originally developed to bypass the Great Firewall of China.

Features:

  • Lightweight and fast.
  • Runs on Linux and most BSD servers.
  • There is official V2Ray client software for Linux, macOS, Windows, and BSD. For Android and iOS, there are third-party apps available.
  • Easy to set up for system administrators
  • V2Ray can be configured to operate on TCP port 443 and uses standard TLS protocol to encrypt network traffic. It looks like a standard HTTPS protocol, which makes it hard to be blocked.
  • Supports KCP transport protocol, which is useful in network environments with high packet loss.
  • Routing support. You can configure it to only route traffic for websites/domains that are blocked in your country or area.
  • You can run it behind Cloudflare CDN.
  • V2Ray is more than a simple proxy tool. It’s designed as a platform that developers can use to build new protocols and tools.

Setup Guide: How to Set Up V2Ray Proxy on Ubuntu 22.04/20.04 Server

Multiple VPN Protocols on a Single Server

Of course, you can always use multiple VPN protocols on the same server. Here are two possible combinations.

  • OpenConnect VPN + OpenVPN + WireGuard + V2ray
  • Softether VPN + WireGuard + V2ray

OpenConnect VPN and SoftEther VPN both use TCP port 443, so they can’t run on the same server. SoftEtherVPN has a built-in OpenVPN functionality, so you don’t need to manually install OpenVPN when SoftEtherVPN is already installed.

Wrapping Up

I hope this article helped you choose a self-hosted VPN/Proxy solution. As always, if you found this post useful, then subscribe to our free newsletter to get more tips and tricks 🙂

Rate this tutorial
[Total: 0 Average: 0]

2 Responses to “5 Best Self-hosted VPN/Proxy Solutions in 2023

  • The Iranian government is harshly blocking openconnect vpn, even surprisingly on port 443. Are there any tricks to disguise OpenConnect VPN and make it harder to block?

Leave a Comment

  • Comments with links are moderated by admin before published.
  • Your email address will not be published.
  • Use <pre> ... </pre> HTML tag to quote the output from your terminal/console.
  • Please use the community (https://community.linuxbabe.com) for questions unrelated to this article.
  • I don't have time to answer every question. Making a donation would incentivize me to spend more time answering questions.

The maximum upload file size: 2 MB. You can upload: image. Links to YouTube, Facebook, Twitter and other services inserted in the comment text will be automatically embedded. Drop file here