Create your very own No-Log VPN Server Using OpenVPN or strongSwan

Fed up using a public VPN and thinking of setting up your VPN server or even service? This guide will tell you how to prevent connection logs that come with time stamps from logging to the system through modern VPN protocols.

OpenVPN:

To prevent OpenVPN from logging onto the system, you must add these three lines of text to your server conf file.

 verb 0
 log /dev/null
 status /dev/null

This will prevent OpenVPN from posting logs to the system log daemon. You will have to restart your OpenVPN service for this to take effect.

strongSwan:

strongSwan is an open source IPsec-based VPN solution for setting up a fast and secure IKEv2 (Internet Key Exchange v2) IPsec tunnel. To prevent strongSwan from posting logs to the system log daemon, simply edit the config file strongswan.conf usually located under /etc/strongswan/ and add the following lines to the bottom of this file.

charon {
    syslog {
        daemon {
            default = -1
       }
   }
}

We also recommend adding the below block if using systemd to prevent logging to the journal:

charon-systemd : charon {
    journal {
        default = -1
   }
}

Then simply restart strongswan for these changes to take effect.

Wireguard

By default, wireguard does not normally log any sensitive connection information to the system log daemon or the journal.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.