What is Amnezia VPN?

Amnezia VPN is a project developed by Russian internet activists focused on finding solutions to combat state censorship. It is a free, open-source application that allows users to set up personal VPNs on their own servers using protocols like WireGuard, OpenVPN, and Shadowsocks. Created with the goal of bypassing censorship, Amnezia effectively undermines Deep Packet Inspection (DPI) by obfuscating traffic, making it harder for DPI systems to detect or block VPN usage. Amnezia is effective even in heavily restricted countries such as Russia, China, and Iran.

Amnezia WG VPN (AmneziaWG) is particularly designed to function in the harshest internet climates, where conventional VPNs may struggle.

What is AmneziaWG VPN?

AmneziaWG VPN specifically refers to the WireGuard protocol implementation in Amnezia. Amnezia introduced AmneziaWG, an enhanced version of WireGuard designed for use in the most restrictive internet environments. AmneziaWG is optimized for environments with extreme censorship and can bypass sophisticated blocking mechanisms better than a standard WireGuard installation.

Installing AmneziaWG VPN on a VPS

  1. Install Ubuntu 22.04 on your EDIS Global VPS. VPS in Estonia works great from and to Russia, VPS in Amsterdam works well in Iran, but any other VPS location will do a great job as well.

  2. Connect to the VPS server using the SSH protocol:

ssh root@VPS_IP_address
Enter root password:
  1. Update the sources list with the following commands:
# Backup the current sources list
cp -f /etc/apt/sources.list /etc/apt/sources.list.backup

# Enable source repositories
sed "s/# deb-src/deb-src/" /etc/apt/sources.list.backup > /etc/apt/sources.list

# Update and upgrade packages
apt update -y && apt upgrade -y
  1. Enable traffic routing for the AWG driver:
echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/00-amnezia.conf
  1. Reboot your system:
reboot
  1. Create a new directory and navigate to it:
mkdir -p ~/awg && cd ~/awg
  1. Install AmneziaWG packages:
# Add AmneziaWG repository
add-apt-repository -y ppa:amnezia/ppa

# Install AmneziaWG
apt install -y amneziawg
  1. Verify that all necessary drivers are available in the system:
lsmod | grep amnezia

Expected output:

amneziawg              98304  0
curve25519_x86_64      36864  2 amneziawg,wireguard
libchacha20poly1305    16384  2 amneziawg,wireguard
libcurve25519_generic  49152  3 amneziawg,curve25519_x86_64,wireguard
ip6_udp_tunnel         16384  2 amneziawg,wireguard
udp_tunnel             20480  2 amneziawg,wireguard

If the above command shows no output, try:

modprobe amneziawg && lsmod | grep amnezia
  1. Install required utilities:
# Install system utilities
apt install curl wget python3 python3-pip

# Install Python QR code generator
pip3 install qrcode
  1. Download the configuration script:
cd ~/awg
wget -O awgcfg.py https://gist.githubusercontent.com/remittor/8c3d9ff293b2ba4b13c367cc1a69f9eb/raw/awgcfg.py
  1. Generate the main AWG configuration:
# You can customize the subnet (10.10.8.1) and UDP port (42666) as needed
python3 awgcfg.py --make /etc/amnezia/amneziawg/awg0.conf -i 10.10.8.1/24 -p 42666
  1. Generate the configuration template for client configs and QR codes:
python3 awgcfg.py --create
  1. Add new clients to the main configuration:
# Add first client
python3 awgcfg.py -a "my_amneziawg_client1"

# Add second client
python3 awgcfg.py -a "my_amneziawg_client2"
  1. Generate client configurations:
python3 awgcfg.py -c -q
  1. Configure and start the AWG tunnel interface:
# Enable AmneziaWG at system startup
systemctl enable --now awg-quick@awg0

# Restart the service
systemctl restart awg-quick@awg0.service

# Check service status
systemctl status awg-quick@awg0.service

Successful configuration should show output similar to:

vps systemd[1]: awg-quick@awg0.service: Deactivated successfully.
vps systemd[1]: Stopped WireGuard via wg-quick(8) for awg0.
vps systemd[1]: Starting WireGuard via wg-quick(8) for awg0...
vps awg-quick[8284]: [#] ip link add awg0 type amneziawg
vps awg-quick[8284]: [#] awg setconf awg0 /dev/fd/63
vps awg-quick[8284]: [#] ip -4 address add 10.10.8.1/24 dev awg0
vps awg-quick[8284]: [#] ip link set mtu 1420 up dev awg0
vps awg-quick[8284]: [#] iptables -A INPUT -p udp --dport 42666 -m con>
vps systemd[1]: Finished WireGuard via wg-quick(8) for awg0.
  1. Verify AWG status:
awg show

You can now copy the generated client configurations (my_amneziawg_client1, my_amneziawg_client2) to your client machines. For client setup instructions, choose your platform:

Additional Resources

Official Documentation and Guides:

Platform-Specific Guides: