Self-hosted VPN from home to use in China

Hey, I was wondering If there are any VPNs like Tailscale, or other programs that is not firewall blocked in China. I wanted to run the VPN from home and somehow access my home networks from laptop and phone in China. Has anyone here ever done that before?

I am going to China for sometime to work, and i do not really want to use like AstrillVPN or some others “VPN” you see on the internet.

tailscale works in china both ways. i have a box set up in china and back home. i can access both networks and run exit nodes

Kind of, I shared mine with a family member for a trip to China, it worked the first day, the second day he complained that it was not working. And I also noticed way too many ssh attempts to my IP from china since then. Then I decided to close it all

I use a small sub $100 mikrotik router with built in wireguard support and a simple port forwarding in my router in a router-on-a-stick configuration. Use some free dynamic dns service to keep track of your home IP and thats all.

You can use any type of VPN. But the GFW of China does some kind of traffic fingerprinting, so your home IP might be blocked after several days of usage. Either setup a timer in your home to obtain a new IP every day, or use a commercial VPN on top of your home VPN.

Something self-hosted and VLESS-based.

One of _easy_ solutions is install amnezia’s android app, get vps(or locally-hosted and externally accessible VM) and ask it for configure it (use VLESS/XRay, not AmneziaWG). You have to trust amnezia’s authors.

Or read manuals how to configure it _correctly_ yourself

What’s wrong with using Astrill? I was there for a month and it worked great. The GFW will likely recognise your IP as a VPN within a few days if you use a commonly used service and block it and you’re going to end up needing something like Astrill anyway. They have to change access and IPs almost daily to get around the firewall.

Also if you’re there when there’s a major political event in China (like a large governmental summit etc) nothings going to work anyway.

vpn doesn’t spoof traffic, it only encrypts it, this is the biggest difference between the vpn protocol and other anti-censorship protocols like shadowsocks. If you want to pass gfw you have to use anti-censorship protocols.

its an unequal war, gfw doesn’t need to have proof that you’re accessing censored content to want to block the ip you’re accessing, gfw can block the ip you’re accessing as long as they feel you can

if you want to start with anti-censorship, google sing-box(a proxy toolkit include server end and user end solution)

China hunts down any VPN and kicks you off after a few hours. Shadowsocks used to work.

It’s a good way to get in trouble with the authorities.

Well most people use wireguard and port forward their router. This requires public/static ip. I recommend using some random port like 2371 and not the standard wireguard port.

如果你去上海的话可能就不必担心了,最近上海市政府颁发了新的红头文件,部分地区开放了对外网访问的限制。

Does Tailscale not work in China?

I use WireGuard running on my TP-Link router. You also can run it on Raspberry Pi, or any other mini computer.

Dynamic DNS is always a valid option if you don’t have a static IP. That’s how I use my WireGuard with zero issues.

在 openwrt 中安装一个 openshell or shellcrash(GitHub - juewuy/ShellCrash: Run sing-box/mihomo as client in shell) 的软件,开启透明代理。

Yes ofc i just mean it can be tricky if you behind cg-nat