nordvpn's wg setup

WireGuard® is an extremely simple but fast and modern VPN that utilizes the most advanced encryption technology. Its goal is to be faster, simpler, more streamlined, and more useful than IPsec, while avoiding the headaches. It aims to outperform OpenVPN by a large margin. WireGuard is designed to be a general-purpose VPN that runs on embedded interfaces and supercomputers, suitable for many different environments. Originally released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but it is already considered the industry's most secure, easiest to use, and simplest VPN solution.

Preparation#

First, you need a NORD account that can be logged in.
wg client
A VPS, recommended system is Ubuntu or Debian

Getting Started#

Install Docker#

If you don't mind your VPS losing connection after connecting to Nord, you don't need to install Docker.

curl -fsSL https://get.docker.com | bash -s docker

Pull the image

docker pull ubuntu:22.04

Write a Dockerfile

cat <<'EOF' > Dockerfile
FROM ubuntu:22.04

RUN apt-get update && apt-get install -y init locales && apt-get clean all \
    && rm -rf /var/lib/apt/lists/* \
    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
ENV LANG en_US.utf8
EOF

Build the image

docker build -f ./Dockerfile . -t nordvpn/ubuntu

Start the container

docker run -tid --name nordvpn --privileged=true nordvpn/ubuntu /sbin/init

Install Environment Inside Docker#

First enter the Docker container

docker exec -it nordvpn /bin/bash

Once inside, update everything

apt update && apt upgrade
apt install git wget curl screen vim sudo -y

Getting Started#

Install the required packages

sudo apt install wireguard jq net-tools

Run the following command and follow the instructions on the screen:

sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)

sudo nordvpn login

If everything goes well, it will return a link. Copy this link and log in to your browser

Log in to your browser. When you log in successfully, follow the instructions in the picture. If there is a cancel button, it means that I have installed NordVPN on my computer. If you don't have NordVPN installed on your computer, there will be no cancel button.

Go back to the VPS, copy the command below, and replace the double quotes with the link you just copied.

nordvpn login --callback "link you just copied"

As shown in the picture, it means that the login was successful.

After successful login, set NordVPN to use the NordLynx protocol.

sudo nordvpn set technology nordlynx

Connect to a node to get the wg file information. The link format is as follows:

nordvpn c hk  ## Connect to a random Hong Kong node
nordvpn c   ## Connect randomly
nordvpn c hk207 ## Connect to Hong Kong node 207

After connecting, as shown in the picture

At this point, we can use the following command to check the IP. If the IP is different from the VPS, it means that the connection is successful.

curl ipinfo.io

Extract the wg file information

sudo wg showconf nordlynx

Apply the prepared template and import it into the wg client

[Interface]
PrivateKey = Copy the private key
Address = 10.5.0.2/16
DNS = 162.252.172.57, 149.154.159.92

[Peer]
PublicKey = Copy the public key
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1
Endpoint = Copy the IP:51820

I'm using the official wg client here, and the template uses split tunneling. You can refer to this blog for a specific tutorial. You can download it from the official website mentioned earlier. Since many Nord nodes are not available in China, I recommend using a relay to make the nodes more accessible.

Here are some country IPs that can be used in China, compiled by 浪人好兄弟. Replace the IP after the endpoint, and I recommend using the VPS to connect to the corresponding country to get the private and public keys. I use the same private and public keys to connect to different countries without speed.

Hong Kong:
hk203
185.225.234.106
hk204
185.225.234.112
hk206
185.225.234.123
185.225.234.150
hk209
185.225.234.142
hk211
185.225.234.157
hk250
185.225.234.45
hk255
185.225.234.85
hk208
84.17.37.242
hk277
182.225.234.76
United States:
us4735
185.199.103.103
us5059
217.138.208.141
us5066
185.207.249.5
us5070
185.207.249.30
us5073
185.207.249.47
us8274
23.27.44.39
Japan:
jp527
86.48.12.238
jp531
86.48.12.203
jp535
212.102.51.204
jp538
37.120.154.46
jp547
86.48.12.82
jp564
91.207.174.148
jp570
86.48.12.15
jp571
156.146.35.109
jp579
86.48.13.180
jp582
37.120.210.84
jp583
37.120.210.93
jp584
37.120.210.101
jp585
86.48.13.158
jp586
86.48.13.151
jp588
86.48.13.134
jp589
86.48.13.132
jp590
212.102.50.87
jp591
212.102.50.93
jp592
86.48.13.99
jp594
86.48.13.83
jp595
86.48.13.75
jp602
203.10.99.29
jp603
203.10.99.38
jp604
203.10.99.44
jp605
203.10.99.54
jp607
203.10.99.68
jp608
203.10.99.76
jp616
203.10.99.133
203.10.99.132
203.10.99.134
jp620
203.10.99.165
jp624
203.10.99.198
jp628
138.199.21.78
Taiwan:
tw165
185.213.82.25
tw167
185.213.82.44
tw170
185.213.82.113
tw172
185.213.82.88
tw173
185.213.82.119
tw175
185.213.82.162
tw177
185.213.82.176
tw181
185.213.82.235
tw182
185.213.82.244
South Korea:
kr32
210.217.18.69
kr36
172.107.194.188
kr43
210.217.18.79
kr44
172.107.248.230
Singapore:
sg457
86.48.11.103
sg460
86.48.11.138
sg465
84.17.39.245
sg475
86.48.10.131
sg478
84.17.39.207
sg481
86.48.10.44
sg490
86.48.11.10
sg494
86.48.11.43
sg511
86.48.11.196
sg521
84.17.39.139
sg525
86.48.10.135
sg527
86.48.10.188
For other countries, please check by yourself (actually, I don't know, I'm too lazy to check)

vn28
103.9.76.190
vn33
125.212.241.136
al18
31.171.152.22

Conclusion#

Attached are a few test images

speedtest:

youtube:

ip:

The speed is good after using the relay.