Use OpenVPN over Shadowsocks
Before we start
- Setup OpenVPN server
https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-ubuntu-20-04 - Setup Shadowsocks server
https://thematrix.dev/setup-go-shadowsocks-on-ubuntu/
Configure client side
Open the client .ovpn file.
Add this line to use SOCKS5 proxy on localhost port 1080.
socks-proxy 127.0.0.1 1080
Add this line to skip routing the connection to Shadowsocks server via OpenVPN.
route SHADOWSOCKS_SERVER_IP 255.255.255.255 net_gateway
Add necessary routing if you needed. For example, this skips connection in LAN connecting via OpenVPN.
route 192.168.0.0 255.255.0.0 net_gateway
Eventually your .opvn file will look like below:
client
dev tun
proto tcp
remote [OPENVPN_SERVER_IP] [OPENVPN_SERVER_PORT]
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 3
socks-proxy 127.0.0.1 1080
route SHADOWSOCKS_SERVER_IP 255.255.255.255 net_gateway
route 192.168.0.0 255.255.0.0 net_gateway
<ca>
...
</ca>
<cert>
...
</cert>
<key>
...
</key>
<tls-crypt>
...
</tls-crypt>
To connect:
sudo openvpn --config client.ovpn
To connect OpenVPN automatically after boot, change the filename from .ovpn
to .conf
, and move the file to /etc/openvpn/client/
sudo mv client.opvn /etc/openvpn/client.conf
Enable and start the service.
sudo systemctl enable [email protected]
sudo systemctl start [email protected]