In this guide you will install a bridge client on your computer that connects to one of Mullvad's bridge servers using the SSH Protocol. Using this bridge, the Mullvad app can then access Mullvad's VPN servers that are for some reason blocked from being directly accessed.
The bridge client will run locally on your computer and Mullvad will access it via the local address 127.0.0.1 and a port, port 1234 in this case.
The Mullvad app will work with any SOCKS5 proxy. You can even run your own remote server and client (locally) that uses a different set of protocols that might work better for you, and then use that to connect to our VPN servers.
In this guide, we are using SSH. Our examples make use of bridge server se-mma-br-001.mullvad.net with IP address 18.104.22.168. Please refer to our list of bridge servers and their locations in order to use another bridge.
In a terminal, run the command
ssh -f -N -D 1234 email@example.com.
Download KiTTY (a putty fork) from FossHub.
Run KiTTY and then configure it with the following settings:
When you connect for the first time to each bridge, you will be asked to accept the fingerprint for that server (see our list of bridges). This is what it looks like when connecting via Linux:
The authenticity of host 'se-mma-br-001.mullvad.net (22.214.171.124)' can't be established. ED25519 key fingerprint is SHA256:LuBJ1HTfEWNQsvDc5tZrwoG+CokMypcflLMObEnCeMg. Are you sure you want to continue connecting (yes/no)?
mullvad bridge set custom local 1234 126.96.36.199 22
mullvad connectin the command prompt.
Open a command prompt or terminal and then run
mullvad bridge set state off.
By connecting via one location using our bridges and exiting via another location, you will enable so-called multihopping.
Multihop connections offer higher levels of anonymity and privacy. This is because adversaries would need to launch sophisticated, timed attacks against the traffic in multiple locations and in different jurisdictions simultaeously. However, this additional security comes at the cost of slower performance due to the additional 'hop' that your traffic takes.
Shadowsocks is an open-source proxy project intended to circumvent internet censorship. It is high performing and has support for new ciphers.
Follow our Shadowsocks guide for more information on how to use Shadowsocks instead of SSH. The Shadowsocks guide will use the bridge 188.8.131.52 (instead of 184.108.40.206) and the local port 1080 (instead of 1234).