SSH tunneling is one method of using bridges to get around a restrictive firewall. It is available for Windows, Linux, and OS X. It exists on port 22.
In this guide, we take you through the steps to use SSH tunneling to connect to Mullvad's VPN servers. This involves logging in to our bridge servers and then running a local SOCKS proxy that you can connect OpenVPN to, we will connect to the bridge server 220.127.116.11 in our examples, you can change this to one of our other bridges.
In a terminal, issue
ssh -f -N -D 1234 firstname.lastname@example.org.
When you connect to a bridge for the first time, you will be asked to accept the unique fingerprint for each server. You can view the fingerprints in our list of bridges.
The authenticity of host 'se-mma-br-001.mullvad.net (18.104.22.168)' can't be established. ED25519 key fingerprint is SHA256:LuBJ1HTfEWNQsvDc5tZrwoG+CokMypcflLMObEnCeMg. Are you sure you want to continue connecting (yes/no)?
Type 'yes' to save the fingerprint.
You will then be prompted to enter a password. Type in 'mullvad'.
After entering the password you will be returned to the prompt and the process will run in the background.
Follow the instructions below using the PuTTY client. (Note: Mullvad has not performed an audit of PuTTY. Downloading software via an untrusted third party could potentially mean acquiring unwanted malware, adware, and/or backdoors.)
If you are using OpenVPN instead of the Mullvad VPN app, the following instructions help you to configure OpenVPN to use the SSH proxy.
Follow our guides on how to install OpenVPN for your Operating system:
Be sure to download the configuration for port 443.
After you have installed OpenVPN, open the OpenVPN configuration file for your operating system:
Add the following to the file:
socks-proxy 127.0.0.1 1234 route 22.214.171.124 255.255.255.255 net_gateway route 126.96.36.199 255.255.255.255 net_gateway route 188.8.131.52 255.255.255.255 net_gateway route 184.108.40.206 255.255.255.255 net_gateway route 220.127.116.11 255.255.255.255 net_gateway route 18.104.22.168 255.255.255.255 net_gateway route 22.214.171.124 255.255.255.255 net_gateway
Now you're all set!