For platforms where the native Blokada app is not yet available (such as your desktop), you have the option to use Blokada Plus with the WireGuard app instead.
To create the configuration file that WireGuard can use, go to https://app.blokada.org. After continuing with your account ID that you have a subscription for, navigate to the Devices section. Then follow these steps:
Hit the New Device button.
(optional) Set a name such as “Desktop”.
Select which gateway you want to use.
(optional) Choose a DNS server you want to use.
Press Save, a configuration will now be generated.
Download the generated .zip archive file or scan the QR code with the mobile WireGuard app.
Download WireGuard for your supported device. Press the Add button in the application, choose “Create from file or archive” or “Create from QR code”.
Activate the connection in the WireGuard app with the switch.
I just tried this and it took all of 10 minutes to create the Blokada configuration zip file, download and install WireGuard, then add the Blokada config file to WireGuard and activate on my Windows 10 computer. This actually improved my ping, download and upload values via the Ookla speed test vs. all previous speed tests using Private Internet Access. Looks like I’ll be cancelling my PIA account near the end of the month!
Hi, I need a step by step introduction how to use blokada vpn with wireguard on a linux system.
I have installed wireguard with the console. There is no gui at all, as I know.
Create the configuration file that WireGuard can use, go to https://app.blokada.org . After continuing with your account ID that you have a subscription for, navigate to the Devices section. Then follow these steps:
Hit the New Device button.
(optional) Set a name such as “Desktop”.
Select which gateway you want to use.
(optional) Choose a DNS server you want to use.
Press Save, a configuration will now be generated.
[#] ip link add blokada type wireguard
[#] wg setconf blokada /dev/fd/63
[#] ip -4 address add xxx/32 dev blokada
[#] ip -6 address add xxx64 dev blokada
[#] ip link set mtu 1420 up dev blokada
[#] resolvconf -a blokada -m 0 -x
/usr/bin/wg-quick: line 32: resolvconf: command not found
[#] ip link delete dev blokada
Is this ok?
What’s next?
I’ve changed the IP-Adresses to xxx in this listing.
root@x380debian:~# wg-quick up blokada
[#] ip link add blokada type wireguard
[#] wg setconf blokada /dev/fd/63
[#] ip -4 address add 10.143.1.254/32 dev blokada
[#] ip -6 address add fdad:b10c:a::a8f:1fe/64 dev blokada
[#] ip link set mtu 1420 up dev blokada
[#] resolvconf -a tun.blokada -m 0 -x
[#] wg set blokada fwmark 51820
[#] ip -6 route add ::/0 dev blokada table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev blokada table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
You may just visit any of the “what is my ip” website, and see what location it shows you. It should be according to the Blokada Plus location you selected.
On another device with debian linux I’ve done the same steps.
There it is not working. I’m getting the following messages:
xxx@x260debian:~$ sudo wg-quick up blokada
[sudo] Passwort für xxx:
[#] ip link add blokada type wireguard
[#] wg setconf blokada /dev/fd/63
[#] ip -4 address add 10.143.2.154/32 dev blokada
[#] ip -6 address add fdad:b10c:a::a8f:29a/64 dev blokada
[#] ip link set mtu 1200 up dev blokada
[#] resolvconf -a tun.blokada -m 0 -x
[#] wg set blokada fwmark 51820
[#] ip -6 route add ::/0 dev blokada table 51820
RTNETLINK answers: No such device
[#] resolvconf -d tun.blokada -f
[#] ip link delete dev blokada
On the first device, now I get the same Error Message.
root@x380debian:~# wg-quick up blokada
[#] ip link add blokada type wireguard
[#] wg setconf blokada /dev/fd/63
[#] ip -4 address add 10.143.1.254/32 dev blokada
[#] ip -6 address add fdad:b10c:a::a8f:1fe/64 dev blokada
[#] ip link set mtu 1200 up dev blokada
[#] resolvconf -a tun.blokada -m 0 -x
[#] wg set blokada fwmark 51820
[#] ip -6 route add ::/0 dev blokada table 51820
RTNETLINK answers: No such device
[#] resolvconf -d tun.blokada -f
[#] ip link delete dev blokada
I noticed that in your first “it works” post the output says ip link set mtu 1420 up dev blokada
while when you later said it’s broken the output says ip link set mtu 1200 up dev blokada.
A value of mtu 1200 is too low for IPv6 to function, this is probably why you see the RTNETLINK answers: No such device. We don’t currently specify any MTU value in the config file, which makes it interesting why its different between your outputs.
Could you please double check that you are using a unique file downloaded from app.blokada.org on each server? Please don’t share config files between servers.
Also please don’t modify the config file after downloading it before mentioning any changes you have made.
Oh and which Debian version are you currently trying this on?
Hi, I imported the .zip Archive with Wireguard but I don´t have access to the internet anymore when I switch on Wireguard. If I switch it off it becomes accesible again. How can I fix that?
Which platform are we talking about?
You might want to try a config for a different Blokada location as well to see if it makes a difference.
It might be that your internet provider is blocking this traffic. If you are able to try a different WiFi or mobile data to compare, please do
