Skip to content

Quick Start

Get R-VPN up and running in under 5 minutes.

Prerequisites

  • A server with a domain name (for TLS certificates)
  • Client device (macOS, Linux, or router)
  • Basic command line knowledge

Step 1: Download Binaries

Download the pre-built binaries from the dist/ folder:

# Universal binary (Intel + Apple Silicon)
curl -L -o rvpn https://your-server.com/dist/rvpn-macos-arm64
chmod +x rvpn

# Server binary
curl -L -o rvpn-server https://your-server.com/dist/rvpn-server-macos-arm64
chmod +x rvpn-server

# x86_64
curl -L -o rvpn https://your-server.com/dist/rvpn
curl -L -o rvpn-server https://your-server.com/dist/rvpn-server-x86_64-linux
chmod +x rvpn rvpn-server

Step 2: Generate Keys

Generate identity keys for client and server:

# Generate server identity key
./rvpn-server keygen

# Generate client identity key
./rvpn keygen --output identity.key

Step 3: Generate Prekey Bundle

Generate the server's prekey bundle for X3DH authentication:

./rvpn-server prekey-bundle --identity server_identity.key --output bundle.json

This creates: - bundle.json - Public prekey bundle (distribute to clients) - bundle.private.json - Private prekey data (keep on server)

Step 4: Configure Client

Create client.toml:

# Server connection
server_address = "wss://your-server.com:443/connect"
identity_key_file = "identity.key"
prekey_bundle = "bundle.json"

# SOCKS5 proxy settings
[socks5]
listen_address = "127.0.0.1:1080"
udp_associate = true

# TUN device settings (optional, for full VPN mode)
[tun]
interface_name = "rvpn0"
ip_address = "10.200.0.2/24"
dns_servers = ["1.1.1.1", "8.8.8.8"]
routes = ["0.0.0.0/0"]
mtu = 1420

# Performance tuning
[performance]
worker_threads = 4
recv_buffer_size = 262144
send_buffer_size = 262144

# Split tunneling
[split_tunnel]
enabled = true
builtin_bypass_countries = ["CN"]
block_ads = false
auto_reload_interval = 300

# Network settings
[network]
ipv6_enabled = true
prefer_ipv4 = true
dns_cache_enabled = true
dns_cache_ttl = 300
dns_cache_size = 1000

Step 5: Configure Server

Create server.toml:

[server]
bind_address = "0.0.0.0:443"
websocket_path = "/connect"

tls_cert_file = "certs/cert.pem"
tls_key_file = "certs/key.pem"
identity_key_file = "server_identity.key"
prekey_bundle_file = "bundle.json"

# Rate limiting
[server.rate_limit]
max_connections_per_ip = 5
max_handshakes_per_minute = 10

# Network settings
[server.network]
nat_enabled = true
dhcp_range = "10.200.0.0/24"
dns_servers = ["1.1.1.1"]

Step 6: Connect

Run the client:

# SOCKS5 mode (default)
./rvpn --config client.toml

# TUN mode (full VPN)
./rvpn --config client.toml --tun

Your SOCKS5 proxy is now running at 127.0.0.1:1080.

Configure Your Applications

Configure your browser or application to use the SOCKS5 proxy:

Host: 127.0.0.1
Port: 1080

Systemd Service Installation

For production deployments, use the systemd service installers in scripts/:

# Install client service
sudo ./scripts/install-systemd.sh

# Install server service
sudo ./scripts/install-server-systemd.sh

See scripts/README.md for full configuration details.

Next Steps