Setup a V2Ray server
Setup a V2Ray server allows you to create a custom VPN or proxy server with advanced features such as multiple protocols, routing rules, and security measures. V2Ray is often used to bypass internet censorship, improve privacy, or enhance speed for certain applications. Below is a guide for setting up a V2Ray server on a VPS (e.g., on an Ubuntu server) and configuring it to run securely.
Prerequisites
- A VPS with a public IP address, running Ubuntu 18.04+ or Debian 9+.
- Basic knowledge of command-line operations.
- A domain name (optional, but recommended for easier access and setting up TLS encryption).
Step 1: Update and Install Necessary Packages
Log into your server and update it:
sudo apt update && sudo apt upgrade -y
Install necessary packages:
sudo apt install -y curl vim unzip
Step 2: Install V2Ray
The official V2Ray team offers a script to simplify installation:
bash <(curl -L https://install.direct/go.sh)
This will:
- Download the latest version of V2Ray.
- Install it to
/usr/local/bin/v2ray. - Create necessary configuration directories (
/etc/v2ray). - Set up systemd services.
Once the script completes, V2Ray will be installed and ready to configure.
Step 3: Configure V2Ray Server
The main configuration file for V2Ray is located at /etc/v2ray/config.json. Here is a basic configuration for a V2Ray server using VMess protocol with WebSocket transport:
Open the configuration file:
sudo vim /etc/v2ray/config.jsonReplace its contents with a simple configuration:
{ "inbounds": [ { "port": 443, "protocol": "vmess", "settings": { "clients": [ { "id": "YOUR_UUID", "alterId": 64 } ] }, "streamSettings": { "network": "ws", "wsSettings": { "path": "/v2ray" } } } ], "outbounds": [ { "protocol": "freedom", "settings": {} } ] }Replace
YOUR_UUIDwith a unique UUID for your client. Generate a UUID with:uuidgenAdjust the
portif 443 is already in use, or if you want to use a custom port.
Step 4: Set Up TLS (Optional but Recommended)
TLS encrypts your traffic, making it harder to detect or block.
Install Certbot:
sudo apt install -y certbotRequest a certificate for your domain:
sudo certbot certonly --standalone -d yourdomain.comUpdate the
config.jsonto include TLS settings:{ "inbounds": [ { "port": 443, "protocol": "vmess", "settings": { "clients": [ { "id": "YOUR_UUID", "alterId": 64 } ] }, "streamSettings": { "network": "ws", "security": "tls", "tlsSettings": { "certificates": [ { "certificateFile": "/etc/letsencrypt/live/yourdomain.com/fullchain.pem", "keyFile": "/etc/letsencrypt/live/yourdomain.com/privkey.pem" } ] }, "wsSettings": { "path": "/v2ray" } } } ], "outbounds": [ { "protocol": "freedom", "settings": {} } ] }Restart V2Ray to apply the new settings:
sudo systemctl restart v2ray
Step 5: Open the Firewall Ports
Ensure that your firewall allows traffic on the port you’ve chosen for V2Ray (443 in this example):
sudo ufw allow 443/tcp
sudo ufw allow 443/udp
Step 6: Configure V2Ray Client
To connect to your server, you’ll need a V2Ray client app (e.g., V2RayN for Windows or Shadowrocket for iOS).
In the client app, use these settings:
- Address:
yourdomain.comor server IP - Port:
443 - UUID: The UUID you generated for
YOUR_UUID - AlterID:
64 - Network:
WebSocket - Path:
/v2ray - TLS: Enable, if you’ve set up TLS.
- Address:
Save and connect.
Step 7: Start and Enable V2Ray Service
Enable and start V2Ray as a service to keep it running:
sudo systemctl enable v2ray
sudo systemctl start v2ray
Troubleshooting Tips
- Logs: If V2Ray is not working, check the logs with:
sudo journalctl -u v2ray -f - Firewall: Double-check that the firewall settings match your V2Ray configuration.
- Config Validation: Use
jqto validateconfig.jsonsyntax:jq . /etc/v2ray/config.json
You now have a working V2Ray server!