How to Install VLESS on IPv6 VPS

Posted on

Both VLESS and VMess have a similar way to install so you can follow this tutorial to install vmess/vless,

  1. If you dont have a VPS yet, you can create a free ipv6 VPS on hax.co.id, Hax’s free VPS is hosted in Singapore so connection may be slow to EU/US except in Asia so use this server for learning only , here is my free VPS from hax:
  2. Check this tutorial for how to connect to ipv6 vps
  3. Requirements, i’m using Ubuntu 20.04 and IPv6 VPS
  4. Pointing your domain to Cloudflare,
    if you don’t have a domain then please use hax dns pointing (must select domain ip6vpn.co other domain won’t work  and its better if you have your own domain). Visit https://hax.co.id/dns-pointing/ and type in any name in “DNS Name”, “Domain Name” select “ipv6vpn.co”, “CF Proxy” is ‘NO’ if your ISP support IPv6 (without Cloudflare proxy, vless will support SNI) but if your isp doesn’t support ipv6 then select YES
  5. then fill in your IPv6 VPS in “ipv6 address”

    my DNS Name:
  6. Connect to your Virtual Machine(VM) then install curl, nano, nginx
    apt update -y
    apt install curl -y
    apt install nano -y
    apt install nginx -y
  7. Next, install VLess
    bash -c "$(curl -L https://github.com/XTLS/Xray-install/raw/main/install-release.sh)" @ install -u root

  8. Generate a self signed certificate and type in anything you like
    cd ~;openssl genrsa -out key.pem 2048
    openssl req -new -x509 -key key.pem -out cert.pem -days 4095

  9. Set nginx to open port 443 and forward to vless
    rm /etc/nginx/sites-enabled/default
    nano /etc/nginx/sites-enabled/default

    remove any config there and change vless.ip6host.co with your DNS Name in step 4 then copy the below config

    server {
        listen [::]:443 ssl http2 ipv6only=on;
        server_name vless.ip6vpn.co;
        ssl_certificate /root/cert.pem;
        ssl_certificate_key /root/key.pem;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; 
        ssl_verify_client off;
            location  /fastssh {
                proxy_http_version 1.1;
                proxy_ssl_verify off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_pass http://[::1]:1234;
            }
    }

     

  10. create vless configuration
    rm /usr/local/etc/xray/config.json
    nano /usr/local/etc/xray/config.json

    remember “81f1f510-3ca7-4734-8956-0f4fce670af5” is the uuid for login. you can generate a random uuid here https://hax.co.id/uuid

    {
        "log": {
            "loglevel": "none"
        },
        "inbounds": [
            {
                "port": 1234,
                "protocol": "vless",
                "settings": {
                    "clients": [
                        {
                            "id": "81f1f510-3ca7-4734-8956-0f4fce670af5", 
                            "level": 1,
                            "email": "[email protected]"
                        }
                    ],
    				"disableInsecureEncryption": false,
                    "decryption": "none"
                },
    		    "dns": {
    				"servers": [
    				  "2001:67c:2b0::4",
    				  "2001:67c:2b0::6"
    				]
    		    },
                "streamSettings": {
                    "network": "ws",
                    "security": "none",
                    "wsSettings": {
                        "path": "/fastssh" 
                    }				
                }
            }
        ],
      "outbounds": [
        {
    	  "domainStrategy": "UseIPv6",
          "tag": "direct",
          "protocol": "freedom",
          "settings": {}
        },	
        {
          "tag": "blocked",
          "protocol": "blackhole",
          "settings": {}
        }
      ]
    }

     

     

  11. Restart both services and verify it
    service nginx restart
    service xray restart

  12. Finally, you can connect to the server using this configuration (replace hostname and uuid)
    vless://[email protected]:443?path=%2Ffastssh&security=tls&encryption=none&host=vless.ip6vpn.co&type=ws&sni=vless.ip6vpn.co#vless.ip6vpn.co

    Please import to any V2Ray client, dont forget to change the DNS to IPv6 DNS

    2001:67c:2b0::4

    Tested using Xray VPN and it works, Please note that because I am using a Cloudflare proxy then the SNI must be the same as the server address or leave it blank, but if you are looking for internet tricks then you can use the “Reverse Trick” (SNI is the server address and the Server Address is your SNI/Bug” ). In case your Step 4 is NO then you can use both trick, ‘reverse sni’ and ‘sni trick’

See also  DNS64: Why is it good, but not always help