β‘ Quick Start: Copy Your VLESS Config
Paste this vless:// link into V2rayN, v2rayNG, or Streisand:
vless://YOUR-UUID@your-server:443?encryption=none&security=reality&sni=www.microsoft.com&fp=chrome&pbk=YOUR-PUBLIC-KEY&flow=xtls-rprx-vision#MyVLESSReplace YOUR-UUID, your-server, and YOUR-PUBLIC-KEY with your values. Full setup below.
Don't want to run a server? Get a VLESS endpoint on a real Polish 4G carrier IP β provisioned in 5 minutes, no VPS needed. From /day β
Tested with xray-core 25.x Β· Last verified: April 2026
What Is VLESS and Xray?
VLESS is a lightweight, high-performance proxy protocol developed as part of the Xray-core project (a fork of V2Ray). It was designed from the ground up to be faster and more resource-efficient than older protocols like VMess, while maintaining strong encryption and censorship resistance.
The Xray project emerged in late 2020 as a community-driven fork of V2Ray, motivated by the need for better performance, active development, and innovative features like XTLS. Since then, Xray-core has become the dominant implementation, with V2Ray gradually losing community support. In 2026, when people refer to "V2Ray proxies," they almost always mean Xray-core with the VLESS protocol.
Key characteristics of VLESS:
- Zero overhead encryption: VLESS delegates encryption entirely to the transport layer (TLS 1.3), eliminating the redundant encryption layer that VMess uses. This means data is encrypted once (via TLS) instead of twice, resulting in faster connections and significantly lower CPU usage β especially important on mobile devices and low-power routers.
- XTLS (Xray TLS): A unique technology that "splices" the inner and outer TLS connections. When you browse an HTTPS website through VLESS with XTLS, the proxy recognizes the inner TLS handshake and directly forwards the encrypted data without re-encrypting it. This achieves near-native TLS performance. Your proxy traffic becomes truly indistinguishable from regular HTTPS browsing because, at the wire level, it is regular TLS traffic.
- XTLS Vision: The latest evolution of XTLS, designed specifically to defeat traffic analysis attacks. Vision pads the TLS Client Hello and other handshake messages to eliminate length-based fingerprinting that some DPI systems use. This is the recommended flow for all new VLESS deployments.
- Multiplexing: Multiple logical connections share a single TCP stream, reducing handshake overhead for applications with many concurrent requests (like web scraping or browsing with many tabs).
- Censorship resistance: Traffic looks like standard HTTPS connections to any standard website. DPI (Deep Packet Inspection) systems cannot distinguish VLESS traffic from normal web browsing, making it extremely difficult to detect and block.
Why Use VLESS/Xray Instead of Traditional Proxies?
Traditional HTTP and SOCKS5 proxies have fundamental limitations that VLESS was designed to overcome:
The Problem with HTTP Proxies
HTTP proxies transmit the CONNECT method in cleartext, making it trivially easy for network administrators, ISPs, and DPI systems to identify proxy traffic. The initial request explicitly states "I want to connect to this destination through a proxy" β there is no attempt at concealment. Any moderately sophisticated firewall can detect and block HTTP proxy traffic.
The Problem with SOCKS5 Proxies
SOCKS5 is better than HTTP in that it does not interpret the traffic, but the SOCKS5 handshake protocol itself is unencrypted and has a distinctive byte pattern. Firewalls can identify SOCKS5 connections by examining the first few bytes of the connection. In restrictive network environments, SOCKS5 traffic is blocked alongside HTTP proxies.
How VLESS Solves These Problems
VLESS wraps all proxy communication inside standard TLS 1.3 on port 443 β the same protocol and port used by every HTTPS website in the world. There is no distinctive handshake pattern, no cleartext metadata, and no protocol-specific byte sequences for DPI to detect. From the network's perspective, you are simply visiting a website. The UUID-based authentication happens inside the encrypted TLS tunnel, invisible to any observer.
Common scenarios where VLESS excels over traditional proxies:
- Restrictive corporate and university networks: IT departments that block VPNs, SOCKS5, and HTTP proxies cannot block VLESS because it is indistinguishable from regular HTTPS traffic. Blocking it would mean blocking all HTTPS websites.
- Countries with internet censorship: Nations with active DPI systems (China's GFW, Iran, Russia) specifically target known VPN and proxy protocols. VLESS with XTLS Vision is currently one of the most effective tools for bypassing these restrictions.
- Performance-critical applications: Trading platforms, real-time data feeds, competitive gaming, or any scenario where every millisecond of latency matters. VLESS's zero-overhead design delivers the closest-to-native performance of any proxy protocol.
- Mobile proxy connections: Combined with Proxy Poland's Xray support, you get a real Polish mobile IP through an lower-detection encrypted tunnel. This is the commonly used for both privacy and functionality.
VLESS vs VMess: Why VLESS Won
VMess was the original V2Ray protocol and is still widely documented online. However, VLESS has superseded it for several important reasons:
| Feature | VLESS | VMess |
|---|---|---|
| Encryption approach | TLS only (no double encryption) | Custom AES encryption + TLS = double encryption |
| CPU usage | Low (single encryption layer) | High (redundant encryption) |
| XTLS support | Yes (Vision flow) | No |
| Speed | Near-native TLS | 15β30% slower than native |
| Time sync requirement | None | Client/server must be within 90 seconds |
| Protocol complexity | Simple (lightweight) | Complex (heavier header) |
| Active development | Yes (Xray-core) | Minimal |
If you are setting up a new proxy connection in 2026, always choose VLESS over VMess. There is no scenario where VMess is the better option.
Prerequisites
Before you begin, you will need:
- An active Proxy Poland subscription with Xray/VLESS enabled (available on all plans at no extra cost)
- Your VLESS credentials from the Proxy Poland dashboard: UUID, server address, port, and the ready-to-import share link
- A VLESS-compatible client application for your platform (we cover the best options for every OS below)
- An internet connection that allows outbound HTTPS on port 443 (virtually all networks)
Step-by-Step Setup: Windows
Option A: v2rayN (Recommended for Windows)
v2rayN is the most popular Xray GUI client for Windows, with over 50,000 GitHub stars. It supports VLESS natively and provides a clean system-tray interface with automatic routing and traffic statistics.
- Download v2rayN: Go to
github.com/2dust/v2rayN/releasesand download the latestv2rayN-With-Core.zippackage. This includes both the GUI and the Xray-core engine, so you do not need to download them separately. - Extract and run: Extract the ZIP to a permanent folder (e.g.,
C:\v2rayN). Do not extract to the Downloads folder, as you will need the files long-term. Runv2rayN.exe. Windows Defender may show a SmartScreen warning because the app is unsigned β click "More info" and "Run anyway." - Add your Proxy Poland server: In the system tray (bottom-right), right-click the v2rayN icon and select Servers > Add VLESS server. Enter the following configuration from your Proxy Poland dashboard:
Remarks: ProxyPoland Mobile Address: xray.proxypoland.com Port: 443 UUID: (your UUID from dashboard) Flow: xtls-rprx-vision Encryption: none Network: tcp Security: tls SNI: xray.proxypoland.com Fingerprint: chrome ALPN: h2,http/1.1 - Save and activate: Click OK to save the server configuration. In the main window or tray menu, right-click the server entry and select Set as active server.
- Enable system proxy: In the v2rayN main window, set the system proxy mode to Set System Proxy (or use the tray menu: System Proxy > Set System Proxy). All your Windows traffic now routes through the Polish mobile IP.
- Verify connection: Open your browser and navigate to
ip.proxypoland.com. You should see a Polish IP address with Orange Polska as the carrier, and the connection type showing as Mobile/Cellular.
Option B: Import via VLESS Share Link (Fastest Method)
Proxy Poland provides a one-click share link in your dashboard that encodes the entire configuration. This is the fastest way to set up any VLESS client:
- Log into your Proxy Poland dashboard and navigate to your active proxy.
- Click the Copy VLESS Link button. This copies a URI starting with
vless://to your clipboard. - In v2rayN, right-click the system tray icon and select Servers > Import from clipboard.
- The server configuration is auto-populated with all the correct settings. Activate it and enable system proxy.
Option C: Nekoray (Alternative GUI)
Nekoray is another popular Xray GUI for Windows with a focus on simplicity. Download from github.com/MatsuriDayo/nekoray, import your VLESS link from clipboard, and connect with one click. Nekoray also supports routing rules if you want to proxy only specific traffic.
Step-by-Step Setup: macOS
V2BOX (Recommended for macOS)
V2BOX is available on the Mac App Store and provides a clean native macOS experience with Xray/VLESS support. It handles the VPN tunnel configuration automatically.
- Install V2BOX from the Mac App Store (search "V2BOX" or follow the link from the developer's site).
- Open the app. On first launch, it will request permission to add VPN configurations β approve this.
- Tap the + button to add a new configuration.
- Select Import from clipboard and paste your Proxy Poland VLESS link (copied from the dashboard).
- Alternatively, enter the configuration manually:
Protocol: VLESS Address: xray.proxypoland.com Port: 443 UUID: (your UUID from dashboard) TLS: enabled Network: TCP Flow: xtls-rprx-vision SNI: xray.proxypoland.com - Save and tap Connect. macOS will prompt for your system password or Touch ID to allow the VPN configuration.
- Verify your IP at
ip.proxypoland.comβ it should show a Polish Orange Polska mobile IP.
Xray-core via Terminal (Advanced Users)
For developers and power users who prefer command-line control, you can run Xray-core directly:
# Install via Homebrew
brew install xray
# Create config file
mkdir -p ~/.config/xray
cat > ~/.config/xray/config.json << 'EOF'
{
"log": { "loglevel": "warning" },
"inbounds": [
{
"tag": "socks-in",
"port": 1080,
"protocol": "socks",
"settings": {
"auth": "noauth",
"udp": true
}
},
{
"tag": "http-in",
"port": 1087,
"protocol": "http",
"settings": {}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vless",
"settings": {
"vnext": [
{
"address": "xray.proxypoland.com",
"port": 443,
"users": [
{
"id": "YOUR-UUID-HERE",
"encryption": "none",
"flow": "xtls-rprx-vision"
}
]
}
]
},
"streamSettings": {
"network": "tcp",
"security": "tls",
"tlsSettings": {
"serverName": "xray.proxypoland.com",
"fingerprint": "chrome",
"alpn": ["h2", "http/1.1"]
}
}
}
]
}
EOF
# Start Xray
xray run -config ~/.config/xray/config.json
# In another terminal, test the connection:
curl --socks5-hostname 127.0.0.1:1080 https://ip.proxypoland.com
# Or via HTTP proxy:
curl -x http://127.0.0.1:1087 https://ip.proxypoland.comWith this setup, configure your applications to use either SOCKS5 proxy at 127.0.0.1:1080 or HTTP proxy at 127.0.0.1:1087. For system-wide routing on macOS, set the proxy in System Settings > Network > Wi-Fi > Proxies.
Step-by-Step Setup: Android
v2rayNG (Recommended for Android)
v2rayNG is the standard Xray client for Android, maintained by the same developer as v2rayN for Windows. It has over 10 million downloads and supports all Xray protocols.
- Install: Download v2rayNG from Google Play Store (search "v2rayNG") or from
github.com/2dust/v2rayNG/releases(APK for sideloading). - Import configuration: Open the app and tap the + button in the top-right corner. Select Import config from Clipboard. Paste the VLESS link from your Proxy Poland dashboard.
- Or add manually: Tap + > Type manually > VLESS and fill in:
Remarks: ProxyPoland Mobile Address: xray.proxypoland.com Port: 443 UUID: (your UUID from dashboard) Flow: xtls-rprx-vision Encryption: none Network: tcp TLS: tls SNI: xray.proxypoland.com Fingerprint: chrome - Save and connect: Save the configuration. Tap the server entry to select it (it will be highlighted). Then tap the large V button at the bottom of the screen to connect.
- Grant VPN permission: Android will display a system dialog asking for VPN permission. Check "I trust this application" and tap OK. This allows v2rayNG to create a local VPN tunnel that routes all device traffic through the proxy.
- Verify: Open Chrome and visit
ip.proxypoland.com. You should see a Polish mobile IP.
Per-App Routing (Advanced)
v2rayNG supports per-app VPN routing. In Settings > Per-App Proxy, you can choose which apps route through the proxy and which use your direct connection. This is useful if you want only specific apps (e.g., Instagram, your scraping tool) to use the Polish IP while other apps use your normal connection.
Step-by-Step Setup: iOS
Streisand or V2BOX (iOS)
Due to Apple's App Store policies, iOS Xray clients are paid apps (typically $2β5). The two best options are:
Streisand (Recommended for iOS)
- Purchase and install Streisand from the App Store.
- Open the app. Tap + in the top-right to add a server.
- Select Import from clipboard and paste the VLESS link from your Proxy Poland dashboard.
- The configuration is auto-populated. Tap Save.
- Tap the server entry, then tap Connect.
- iOS will prompt for VPN permission. Approve using Face ID or passcode.
- A VPN icon will appear in the status bar, confirming the tunnel is active.
- Verify by opening Safari and visiting
ip.proxypoland.com.
V2BOX (iOS Alternative)
- Purchase and install V2BOX from the App Store.
- Follow the same import-from-clipboard workflow as Streisand.
- V2BOX also supports QR code scanning β your Proxy Poland dashboard can display a QR code for the VLESS link, which you can scan with V2BOX's built-in scanner.
Shadowrocket (Alternative)
Shadowrocket ($2.99) is another popular option with a long track record on iOS. It supports VLESS with XTLS Vision and provides advanced routing rules. Import your VLESS link from clipboard, connect, and verify.
Proxy Poland VLESS Configuration Reference
Every Proxy Poland proxy with Xray enabled provides these credentials in your dashboard. Use this reference table when configuring any VLESS client:
| Parameter | Value | Notes |
|---|---|---|
| Protocol | VLESS | Not VMess β always choose VLESS |
| Address | xray.proxypoland.com | Server hostname |
| Port | 443 | Standard HTTPS port, works on all networks |
| UUID | (unique per proxy) | Shown in dashboard, acts as your authentication key |
| Encryption | none | Encryption handled by TLS, not VLESS layer |
| Flow | xtls-rprx-vision | Required for XTLS performance and anti-detection |
| Network | tcp | TCP transport (not WebSocket or gRPC) |
| Security | tls | TLS 1.3 encryption |
| SNI | xray.proxypoland.com | Server Name Indication for TLS |
| Fingerprint | chrome | TLS fingerprint mimics Chrome browser |
| ALPN | h2,http/1.1 | Application-Layer Protocol Negotiation |
A ready-to-import vless:// share link and QR code are available in your dashboard for one-click setup in any compatible client.
VLESS vs OpenVPN: Which Should You Choose?
Proxy Poland supports both VLESS/Xray and OpenVPN on every proxy. Here is a detailed comparison to help you decide:
| Feature | VLESS/Xray | OpenVPN |
|---|---|---|
| Speed overhead | 1β3% (near-native TLS) | 10β20% (full tunnel encryption) |
| Latency added | Minimal (single handshake) | Moderate (multi-step handshake) |
| Detection resistance | Excellent (indistinguishable from HTTPS) | Moderate (DPI can identify OpenVPN protocol) |
| Firewall bypass | Excellent (port 443, standard TLS) | Good (can use port 443, but protocol is detectable) |
| Client availability | v2rayN, v2rayNG, V2BOX, Streisand, Shadowrocket | OpenVPN Connect (all platforms), Tunnelblick (macOS) |
| Setup complexity | Moderate (copy-paste link or manual config) | Easy (import .ovpn file, one-click connect) |
| System-wide tunneling | Yes (via TUN mode in client apps) | Yes (native, enabled by default) |
| Split tunneling | Yes (advanced routing rules per app/domain) | Limited (basic split tunnel in some clients) |
| Router support | Yes (OpenWrt with Xray package) | Yes (most routers support OpenVPN natively) |
| Security track record | Newer protocol, less audited | 20+ years of security audits |
| Best for | Restricted networks, maximum speed, censorship bypass | Simple setup, router deployment, maximum compatibility |
Our recommendation: Use VLESS if you are on a restricted network (corporate, university, censored country), need maximum speed, or want your traffic to be completely indistinguishable from regular HTTPS browsing. Use OpenVPN if you prefer the simplest possible setup (import .ovpn file, click connect), need router-level deployment, or prioritize the longest security track record.
Both protocols connect to the same physical modem and share the same Polish mobile IP. The proxy output is identical β only the tunnel technology differs.
Troubleshooting Common Issues
Connection timeout or connection refused
- Check UUID: Copy-paste your UUID from the dashboard. Do not type it manually β a single wrong character will cause authentication failure.
- Verify port 443: Ensure outbound HTTPS on port 443 is not blocked by your network firewall. This is rarely blocked since it would break all HTTPS websites.
- Check subscription status: Log into your Proxy Poland dashboard and verify your proxy is in "Active" status with time remaining.
- Try a different network: If you are on a restrictive network, try connecting from your phone's mobile data to isolate the issue.
- Update your client: Ensure you are running the latest version of your VLESS client. Older versions may not support XTLS Vision correctly.
Connected but no internet access
- DNS configuration: In v2rayN, go to Settings > Core Settings and ensure DNS is configured. Use
8.8.8.8or1.1.1.1as the DNS server. Without proper DNS, the proxy tunnel works but domain resolution fails. - Routing mode: Check that your client is in Global proxy mode, not PAC/Rule-based mode. Rule-based mode may exclude some traffic from the proxy tunnel, causing those connections to fail if your direct internet also has restrictions.
- VPN permission (mobile): On Android/iOS, ensure the VPN permission was granted correctly. Try disconnecting, revoking VPN permission in system settings, and reconnecting to trigger a fresh permission prompt.
- Conflicting VPN/proxy: Disable any other VPN, proxy, or ad blocker that might conflict with the VLESS tunnel.
Slow speeds
- Enable XTLS Vision: Ensure
flow: xtls-rprx-visionis set in your configuration. Without it, VLESS falls back to standard TLS processing, which is significantly slower. - Use TCP transport: TCP is the recommended transport for VLESS. WebSocket and gRPC add overhead and should only be used if TCP is blocked on your network (which is rare when using port 443).
- Check base speed: Test your internet speed without the proxy. Mobile proxies are limited by the carrier's LTE speed (typically 30β100 Mbps for Orange Polska). If your base speed is 10 Mbps, the proxy will not be faster.
- Geographic latency: If you are geographically far from Poland, additional latency is expected. A user in Asia connecting to a Polish mobile IP will have 200β300 ms latency, which is normal for the distance.
- Server load: During peak hours (European evening), LTE speeds may drop slightly. Try testing at different times of day.
IP not showing as Polish/mobile
- Verify connection: Visit
ip.proxypoland.comin your browser. If it shows your real IP, the proxy tunnel is not active. - Check routing mode: If using split tunneling or PAC mode, the IP check site might be excluded from proxy traffic. Switch to global mode for verification.
- Wait after connecting: Allow 3β5 seconds after the client shows "Connected" before checking. The proxy needs a moment to establish the LTE tunnel to the modem.
- Check multiple lookup services: Some IP databases have outdated records. Verify on ipinfo.io, ip-api.com, and MaxMind. All should show Orange Polska as the carrier.
Advanced Configuration: Routing Rules
VLESS clients support routing rules that let you selectively proxy traffic. This is useful for advanced setups where you want only certain domains or applications to use the Polish IP:
// In Xray-core config.json, add routing rules:
"routing": {
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"domain": ["instagram.com", "facebook.com", "allegro.pl"],
"outboundTag": "proxy"
},
{
"type": "field",
"domain": ["geosite:category-ads"],
"outboundTag": "block"
},
{
"type": "field",
"outboundTag": "direct"
}
]
}
// This routes Instagram, Facebook, and Allegro through the proxy,
// blocks ad domains, and lets everything else go direct.