In this tutorial, we will install Trojan on an IPv6 VPS, moreover, we will also make IPv6 VPS accessible to both IPv4 and IPv6 networks so that you can connect from any network to your Trojan server and support SNI.
Requirements : Ubuntu 20.04 & IPv6
- If you dont have a VPS yet, you can create a free ipv6 VPS on Hax.co.id, Hax’s free VPS is hosted in Singapore so connection may be slow to EU/US except in Asia so use this server for learning only , this is my IPv6:
2001:470:1:be9:0000:0002:098f:db26
- Check this tutorial for how to connect to ipv6 vps
- Get your IPv4 and Port by using this tool: IPv4 to access IPv6
we will open port 1194 on our VPS so you have to set the destination is [ipv6]:1194 and the protocol is TCP, for IPv4 port, you can use any port, in this example I am using port 2233 as the image below
- Connect to your Virtual Machine(VM) then update your OS and install curl, nano
apt update -y apt install curl nano -y
- Install Xray core
bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -u root
- Generate a self signed certificate and type in anything you like
cd ~;openssl genrsa -out key.pem 2048 openssl req -new -x509 -key key.pem -out cert.pem -days 4095
- Create trojan configuration
rm /usr/local/etc/xray/config.json nano /usr/local/etc/xray/config.json
and paste the config below, “password”:”Hax@ipv6″ is your trojan password
{ "log": { "loglevel": "none" }, "inbounds": [ { "port": 1194, "protocol": "trojan", "settings": { "clients": [ { "password":"Hax@ipv6", "email": "admin@hax" } ] }, "dns": { "servers": [ "2001:67c:2b0::4", "2001:67c:2b0::6" ] }, "streamSettings": { "network": "tcp", "security": "tls", "tlsSettings": { "alpn": [ "http/1.1" ], "certificates": [ { "certificateFile": "/root/cert.pem", "keyFile": "/root/key.pem" } ] } } } ], "outbounds": [ { "domainStrategy": "UseIPv6", "tag": "direct", "protocol": "freedom", "settings": {} }, { "tag": "blocked", "protocol": "blackhole", "settings": {} } ] }
- Allow traffic forwarding
echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.conf; echo "net.ipv6.conf.all.disable_ipv6=0" >> /etc/sysctl.conf; echo "net.ipv6.conf.default.disable_ipv6=0" >> /etc/sysctl.conf; sysctl -p
- Restart service and verify it
service xray restart netstat -tulpn
- Connect to your Trojan Server
Your trojan configuration will look like this, you can copy and import on any trojan apptrojan://Hax@[email protected]:2233?sni=s.youtube.com#trojan+hax
Hax@ipv6 is my password in step 7
103.253.24.40:2233 is the IPv4 and port in step 3
please set both accordingly and dont forget to change the DNS to IPv6 DNS and enable IPv6 route on your app2001:67c:2b0::4
We have test it on Xray VPN app