Getting NordVPN WireGuard details

GetNordVPNWireGuardDetails.md

About

Instructions to obtain WireGuard details of your NordVPN account. These can be used to setup a WireGuard tunnel on your router to NordVPN.

Source: https://forum.gl-inet.com/t/configure-wireguard-client-to-connect-to-nordvpn-servers/10422/27

Prerequisites

If you have any linux machine, use that or install a vm if you don't have one.

Get their official linux app installed. Make sure you have wireguard installed too. And set the used technology to Nordlynx by running nordvpn set technology nordlynx

Fetching details

Connect to nordvpn with command: nordvpn connect (don't forget to login with nordvpn login --legacy).

Fetch (your) IP address

After successful connection run

ifconfig nordlynx

Fetch your private key

Run

sudo wg show nordlynx private-key

Output of this command should be something like this:

CKMAE9LARlt2eZHgGnNaSUYiKllKJN7f3hed/bWm5E8=

The key above is just a random key for demo purposes.

Fetch your public key

Run

sudo wg show nordlynx public-key

Output of this command should be something like this:

TO158iXbNXt2eZHgGnNaSUYiKZHgGN7f3hed/bWm5E8=

The key above is just a random key for demo purposes.

Fetch server details

Make sure you have curl and jq installed on your host/router. These are needed to be able to fetch the config of NordVPN Server. If not installed, go ahead and install

opkg install curl jq

After installation enter the command below to fetch the recommended server config:

curl -s "https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1"|jq -r '.[]|.hostname, .station, (.locations|.[]|.country|.city.name), (.locations|.[]|.country|.name), (.technologies|.[].metadata|.[].value), .load'

Output:

uk1818.nordvpn.com #your endpoint host
178.239.166.185 #its ip address
London #city
United Kingdom #country
K53l2wOIHU3262sX5N/5kAvCvt4r55lNui30EbvaDlE= #Server public key
10 #Server load at the time.

Or just visit the following url https://api.nordvpn.com/v1/servers/recommendations?&filters\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1 from your browser and look for the details manually.

Thank you for this great work. I use it on my Banana Pi M3 with Armbian OS. @GY8VSdYYzvL8-K6T it will work with Raspberry Pi, too. Is there a possibility to write this script for other VPNs?

Absolutely, Surfshark and Mullvad VPN are great options that support WireGuard technology. From my research, they indeed offer WireGuard servers, and you can manually set it up. Although I don't have direct access to these VPNs currently, if you can provide more detailed data about them, we could potentially explore some innovative solutions together!

Absolutely, Surfshark and Mullvad VPN are great options that support WireGuard technology. From my research, they indeed offer WireGuard servers, and you can manually set it up. Although I don't have direct access to these VPNs currently, if you can provide more detailed data about them, we could potentially explore some innovative solutions together!

Let's test it with Mullvad VPN or Hide.me

Absolutely, Surfshark and Mullvad VPN are great options that support WireGuard technology. From my research, they indeed offer WireGuard servers, and you can manually set it up. Although I don't have direct access to these VPNs currently, if you can provide more detailed data about them, we could potentially explore some innovative solutions together!

Let's test it with Mullvad VPN or Hide.me
I decided to give Mullvad a test run and stumbled upon an API to fetch all their servers. It took me a little while to whip up some usable code, but things got tricky when I tried to snag the addresses. Turns out they're dynamic, which I realized after messing around with their config generator on https://mullvad.net/en/account/wireguard-config. Each time I generated a config for a new device, it spat out a unique address for the [Interface] part.

I hit a bit of a snag trying to crack the code on those dynamic addresses. But hey, I reckon using their tool should do the trick. On the other hand, I drew a blank when it came to Hide.me. Couldn't find a thing about setting up WireGuard configs.If u find anything we shall meet again in the comments :>

The only way to use hide.me with Wireguard is to use the hide.client.linux. There are no WireGuard configs.
I found this https://github.com/Seyloria/hide.me-server-switch and this https://github.com/passepartoutvpn/api-source-hideme?tab=readme-ov-file