Private VPN - any experience or advice?

[PT4]

​

VPN blocking is starting on the Internet. Will get worse. I'm wondering about setting up a private VPN. Would appreciate advice from those with actual experience.

​

​

​What I think I know about private VPNs:

1. A private VPN is software + another computer somewhere else. Can be anywhere.

2. The remote computer is usually at server hosting service, rented by the month.

3. As the user of my own, private VPN, I connect to the remote server, which then relays all packets out to the wide Internet, just like with a commercial VPN.

If those ideas are correct, then I have these specific questions:

​

​A. Where to find hosting services suitable for setting up a tiny, private VPN? Not high traffic. Not a commercial service. No web site at all.

B. Where to find software to handle the VPN? Paid software preferred -- I don't want free. But since I am familiar with Macs, and will rent at a Mac hosting service, I'm looking for a Mac VPN application.

​

​

​Finally, does anyone here want a small consulting project setting this up for me? You can be located anywhere -- not necessary to be in Thailand. I can pay with Elance, PayPal, DELETED gold grams, or SWIFT. Discuss in PM.

Edited March 31, 2016 by seedy
illegal activity

[Chicog]

VPN blocking is starting on the Internet

Can you elucidate?

[Tywais]

"I'm wondering about setting up a private VPN. Would appreciate advice from those with actual experience."

You can get a VPS (virtual private server) and setup OpenVPN on it. Examples below:

https://www.bestvpn.com/blog/11447/roll-openvpn-server-vps-using-centos-6/

http://vpsville.ca/vpn-vps

[Bench499d]

^^^ What he said. Even if you did it on a Mac (which doesn't really make sense) I am sure OpenVPN server can still be used, but it will probably be much more difficult than on Linux.

Why don't you want to use open source? You want to pay lots of $$$$ for a commercial VPN server for one? Doesn't really make sense.

[ukrules]

Rent a server in the country of your choice, it can be a small VPS from somewhere like linode or digitalocean (google them) and install openvpn on it.

There are two versions of openvpn, the 'bells and whistles' commercial version costs money but it's free if you only have up to 2 connections - so you will be able to use this version which is much easier to install and administer as it has a web facing admin control panel.

If you know your stuff you can go for the community version and install it on linux but you're going to need to create certificates for both the client and server side.

I suggest you rent a VPS which can be as low as $5-$10 a month and use the 'easy' version of openvpn mentioned above.

Edited March 2, 2016 by ukrules

[CaptHaddock]

Assuming you have at least a computer and one wifi device like a mobile phone, the best option is to set up the openvpn client on your router, rather than on each device. That offloads the setup and processing from your devices to the router. A router that comes with the dd-wrt operating system will accommodate this setup, although some others will also. You can find recipes by searching.

Edited March 3, 2016 by CaptHaddock

[PT4]

Thank you, "Tywais", for posting helpful links. That was exactly what I needed to get started on this.

With that information as the starting point, I set up two private VPNs, in two countries, using my Mac. It took several hours to read through the details, select suitable hosting services, and make some mistakes in the setup and go back and find them, but now it's done. Recent versions of the Mac operating system have VPN software built in, so there was no need to download and install any software on my MacBook Pro.

With my former VPN service, in recent months, I started to experience a few instances of VPN blocking. As blocking spreads to more known services, I can now expect to be "under the radar".

Why two countries? One in my home country (USA) specifically to connect to my email and bank. The other one in Singapore for the bulk of Internet browsing.

[prestburypark]

"Recent versions of the Mac operating system have VPN software built into them"

Please explain, I have El Capitan but use a paid for VPN.

Where do you locate the built in VPN and how does it work, and why would you need more VPN's if it worked already?

Thanks.

[Tywais]

"Recent versions of the Mac operating system have VPN software built into them"

Please explain, I have El Capitan but use a paid for VPN.

Where do you locate the built in VPN and how does it work, and why would you need more VPN's if it worked already?

Thanks.

VPN requires a client-server type configuration. The VPN on the MAC/PC/Android/iOS is the client side but you still need a server to connect to.

[manarak]

actually, if you have friends living in Europe or America and they use a strong broadband connection, you could just ask them if they would agree to let you leach 10% of their bandwidth. Most proper routers nowadays can act as a VPN gateway.

Edited March 3, 2016 by manarak

[sniffdog]

VPN blocking is starting on the Internet

Can you elucidate?

Been living in a cave lately? Netflix has started to block proxy servers, unblockers and Vpns to prevent members watching outside their content area.

Although providers have been able to battle this, I noticed that one of the US Vpn servers I use regularly is blocked by Netflix. I fear more of those will follow.

[PT4]

prestburypark wrote:

"Please explain, I have El Capitan but use a paid for VPN ... Where do you locate the built in VPN?

Tywais wrote:

"VPN requires a client-server type configuration. The VPN on the MAC/PC/Android/iOS is the client side but you still need a server to connect to."

.

Adding to that a bit. Every VPN requires two computers. One computer is yours -- "client" -- plus another computer somewhere else -- "server". In the past, both computers needed software that could talk back and forth, thus "client/server" as Tywais explained above.

There are many VPN "servers" available on the Internet. Some are paid, some are free. On my private VPN, I pay to use a server in the USA.

In the past, to use a VPN on your computer, you needed to download and install "client" software. But now, on current Macintosh OSX, the "client" software is built in. Access: > Apple Menu > System Preferences > Network. The configuration details will be specified by the VPN service you use.

[PT4]

prestburypark wrote:

"why would you need more VPN's if it worked already? Thanks.

.

Excellent question from "prestburypark".

My former VPN worked fine. The problem is elsewhere. Some Internet services don't like VPNs at all; don't want you to have any privacy: governments, Google, movie web sites. So those services hunt for VPN services and block them. That blocking is just beginning.

I expect public VPN services will eventually be defeated. On the other hand, private VPNs will be difficult to identify and costly to block. My goal is secure connections to my email and my bank.

[Tywais]

In the past, to use a VPN on your computer, you needed to download and install "client" software. But now, on current Macintosh OSX, the "client" software is built in. Access: > Apple Menu > System Preferences > Network. The configuration details will be specified by the VPN service you use.

Same with Windows 7 - 10. Android also has integrated VPN client and probably iOS.

[prestburypark]

Thanks, PT4, makes sense now, I remember downloading VPN software before with different providers.

I am looking at VPS now, but Manarak's comment on using a connection in Europe is interesting as I have a Virgin Media account in the UK which is super high bandwidth, (for the UK anyway 150+Mbps) and rising. How would I connect to that router from Thailand...and could I then run an anonymising VPN or VPS from there? Or install an actual server,

Just thinking out loud really.

[PT4]

prestburypark" wrote:

"I have a Virgin Media account in the UK which is super high bandwidth ... How would I connect to that router from Thailand...and could I then run an anonymising VPN or VPS from there?"

.

Good question, but I don't know. Perhaps "manarak" can advise (per his post #10 above).

Edited March 3, 2016 by PT4

[prestburypark]

Netflix just accessed by VPN from Phetchabun "Better call Saul," Series2

[sniffdog]

Last time I checked Petchburi was in Thailand so no VPN needed.

Edited March 3, 2016 by sniffdog

[Chicog]

VPN blocking is starting on the Internet

Can you elucidate?

Been living in a cave lately? Netflix has started to block proxy servers, unblockers and Vpns to prevent members watching outside their content area.

Although providers have been able to battle this, I noticed that one of the US Vpn servers I use regularly is blocked by Netflix. I fear more of those will follow.

That's not VPN blocking. It's geoblocking.

VPN blocking would be where your ISP stops you using a VPN. Now that *would* be an issue.

I noticed iPlayer doesn't work on Browsec now, but it doesn't really bother me with all the Kodi alternatives, FilmOn, etc.

Edited March 3, 2016 by Chicog

[sniffdog]

VPN blocking is starting on the Internet

Can you elucidate?

Been living in a cave lately? Netflix has started to block proxy servers, unblockers and Vpns to prevent members watching outside their content area.

Although providers have been able to battle this, I noticed that one of the US Vpn servers I use regularly is blocked by Netflix. I fear more of those will follow.

That's not VPN blocking. It's geoblocking.

VPN blocking would be where your ISP stops you using a VPN. Now that *would* be an issue.

I noticed iPlayer doesn't work on Browsec now, but it doesn't really bother me with all the Kodi alternatives, FilmOn, etc.

Again stop posting nonsense. Check Wikipedia. Geoblocking is done before a VPN is being used. You need a VPN because organizations like Netflix or Hulu uses geoblocking. By using a VPN you 'break' geoblocking and VPN blocking is done to prevent you from using a VPN.

Get your stuff right.

Edited March 3, 2016 by sniffdog

[Chicog]

Again stop posting nonsense. Check Wikipedia. Geoblocking is done before a VPN is being used. You need a VPN because organizations like Netflix or Hulu uses geoblocking. By using a VPN you 'break' geoblocking and VPN blocking is done to prevent you from using a VPN.

Get your stuff right.

Why on earth would I need to resort to Wikipedia to understand something so obvious?

Perhaps you haven't twigged how it works, so I'll explain it to you.

Geoblocking in the case of, for example, Netflix, originally meant that they did not allow overseas IPs to use it.

By using a VPN, you could masquerade as being on a US IP address.

What Netflix started doing is treating US IPs of VPN services as foreign ones.

Which is the same as the Beeb are doing with things like Browsec.

Their attitude, quite simply, is that if you are in the US (or the UK for the Beeb), you should not need to use a VPN to get to a local service.

Did I explain that clearly enough?

If I didn't perhaps this explains it, and it's also relevant to the OP:

Netflix also appears to have moved to block users that created their own VPN using a self-hosted server. The company has blocked entire IP address ranges from DigitalOcean, Linode and Amazon Web Services in an effort to prevent the tactic.[/size]

I'll try my own VPN later to see if they've clocked it.

Edited March 3, 2016 by Chicog

[sniffdog]

You post what YOU think is obvious. Written word is the truth unless you distrust Wikipedia or experts. And the thing is that not all VPNs are yet banned. Again, don't post nonsense.

[Chicog]

'VPN blocking is starting on the Internet' is not the same as Netflix blocking VPN and VPS IP addresses in the US or UK. You appear to be a little miffed, I'd calm down and read again slowly.

[manarak]

Thanks, PT4, makes sense now, I remember downloading VPN software before with different providers.

I am looking at VPS now, but Manarak's comment on using a connection in Europe is interesting as I have a Virgin Media account in the UK which is super high bandwidth, (for the UK anyway 150+Mbps) and rising. How would I connect to that router from Thailand...and could I then run an anonymising VPN or VPS from there? Or install an actual server,

Just thinking out loud really.

you need an actual router connecting to that virgin account in UK.

then configure DDNS on the router, so it can be reached from the internet

then configure VPN server on the router (its probably already built-in), and you are done.

but you won't anonymize anything that way, if you connect to that VPN, you will surf the internet just as if you were physically sitting there using your router in UK.

the connection will be anonymous to anyone outside the UK, because I guess foreign countries don't have access to Virgin's records to ID you.

Edited March 4, 2016 by manarak

[Bench499d]

Thanks, PT4, makes sense now, I remember downloading VPN software before with different providers.

I am looking at VPS now, but Manarak's comment on using a connection in Europe is interesting as I have a Virgin Media account in the UK which is super high bandwidth, (for the UK anyway 150+Mbps) and rising. How would I connect to that router from Thailand...and could I then run an anonymising VPN or VPS from there? Or install an actual server,

Just thinking out loud really.

you need an actual router connecting to that virgin account in UK.

then configure DDNS on the router, so it can be reached from the internet

then configure VPN server on the router (its probably already built-in), and you are done.

but you won't anonymize anything that way, if you connect to that VPN, you will surf the internet just as if you were physically sitting there using your router in UK.

the connection will be anonymous to anyone outside the UK, because I guess foreign countries don't have access to Virgin's records to ID you.

This won't work. Virgin's routers don't have VPN servers or clients builtin. I assume you have the Superhub. You would need a server of some description with OpenVPN server (for example) installed. You would then need to configure the router to accept incoming connections to the server, and then configure the server to route traffic from the VPN back out over the Internet.

I presume it is doable but haven't tried it myself. The server you put in the UK would only have to be something small and relatively low powered with Linux installed. It might need 2 network cards for the routing but not sure on that without trying it.

[manarak]

Thanks, PT4, makes sense now, I remember downloading VPN software before with different providers.

I am looking at VPS now, but Manarak's comment on using a connection in Europe is interesting as I have a Virgin Media account in the UK which is super high bandwidth, (for the UK anyway 150+Mbps) and rising. How would I connect to that router from Thailand...and could I then run an anonymising VPN or VPS from there? Or install an actual server,

Just thinking out loud really.

you need an actual router connecting to that virgin account in UK.

then configure DDNS on the router, so it can be reached from the internet

then configure VPN server on the router (its probably already built-in), and you are done.

but you won't anonymize anything that way, if you connect to that VPN, you will surf the internet just as if you were physically sitting there using your router in UK.

the connection will be anonymous to anyone outside the UK, because I guess foreign countries don't have access to Virgin's records to ID you.

This won't work. Virgin's routers don't have VPN servers or clients builtin. I assume you have the Superhub. You would need a server of some description with OpenVPN server (for example) installed. You would then need to configure the router to accept incoming connections to the server, and then configure the server to route traffic from the VPN back out over the Internet.

I presume it is doable but haven't tried it myself. The server you put in the UK would only have to be something small and relatively low powered with Linux installed. It might need 2 network cards for the routing but not sure on that without trying it.

not sur if you are talking about a proper router or just the virgin endpoint.

maybe prestburypark has connected a proper router behind his Virgin endpoint.

I use ASUS models N66U - N55U which both have built-in VPN server, works like a charm - but I'm not using Virgin.

I always prefer using a router behind the ISP's endpoint device, because these are usually very limited in their features.

Edited March 4, 2016 by manarak

[sniffdog]

All of my locations on slickvpn are blocked now by Netflix. And none of the locations of unlocator work.

[jpinx]

Using a paid service was always going to be a short term solution because the services being connected to will easily be able to block the relevant blocks of IP numbers and maintain blacklists, etc. Having access to your own VPS is a slightly longer term solution, but expect them to come under scrutiny soon too. If there is a broadband symmetric connection in your friends house, it's worth configuring that router, even buying a better router if the existing one can't cut it. That's possibly going to be cheaper than a VPS in the long term and you can even contribute to the cost of your friends broadband every month.

It's not just services like netflix who are unhappy with your evasions, you can expect the connection providers where you are living abroad to increasingly take an interest in people hiding their traffic by using VPNs and other means. It's perfectly possible for them to block connections to known VPN, VPS etc.

[Bench499d]

Thanks, PT4, makes sense now, I remember downloading VPN software before with different providers.

I am looking at VPS now, but Manarak's comment on using a connection in Europe is interesting as I have a Virgin Media account in the UK which is super high bandwidth, (for the UK anyway 150+Mbps) and rising. How would I connect to that router from Thailand...and could I then run an anonymising VPN or VPS from there? Or install an actual server,

Just thinking out loud really.

you need an actual router connecting to that virgin account in UK.

then configure DDNS on the router, so it can be reached from the internet

then configure VPN server on the router (its probably already built-in), and you are done.

but you won't anonymize anything that way, if you connect to that VPN, you will surf the internet just as if you were physically sitting there using your router in UK.

the connection will be anonymous to anyone outside the UK, because I guess foreign countries don't have access to Virgin's records to ID you.

This won't work. Virgin's routers don't have VPN servers or clients builtin. I assume you have the Superhub. You would need a server of some description with OpenVPN server (for example) installed. You would then need to configure the router to accept incoming connections to the server, and then configure the server to route traffic from the VPN back out over the Internet.

I presume it is doable but haven't tried it myself. The server you put in the UK would only have to be something small and relatively low powered with Linux installed. It might need 2 network cards for the routing but not sure on that without trying it.

not sur if you are talking about a proper router or just the virgin endpoint.

maybe prestburypark has connected a proper router behind his Virgin endpoint.

I use ASUS models N66U - N55U which both have built-in VPN server, works like a charm - but I'm not using Virgin.

I always prefer using a router behind the ISP's endpoint device, because these are usually very limited in their features.

Yeah I was talking about the Virgin DOCSIS router. Actually yes you could do it with another router just replace the server with another router.

When I was back in the UK I had the Virgin service and because the wireless was rubbish I had another old Netgear WRT router connected as an access point. This had DD-WRT on it which has a built-in OpenVPN server. I used to connect to my network from outside using that OpenVPN in the router. The only thing I remember I hadn't got setup was the ability to reach the internet while connected to the VPN tunnel via the Virgin router but it must be doable.

[jpinx]

Thanks, PT4, makes sense now, I remember downloading VPN software before with different providers.

I am looking at VPS now, but Manarak's comment on using a connection in Europe is interesting as I have a Virgin Media account in the UK which is super high bandwidth, (for the UK anyway 150+Mbps) and rising. How would I connect to that router from Thailand...and could I then run an anonymising VPN or VPS from there? Or install an actual server,

Just thinking out loud really.

you need an actual router connecting to that virgin account in UK.

then configure DDNS on the router, so it can be reached from the internet

then configure VPN server on the router (its probably already built-in), and you are done.

but you won't anonymize anything that way, if you connect to that VPN, you will surf the internet just as if you were physically sitting there using your router in UK.

the connection will be anonymous to anyone outside the UK, because I guess foreign countries don't have access to Virgin's records to ID you.

Anonymising is not possible without masking the IP with a system like Tor, but that is not needed if the requirement is only get around geo-blocking. Be aware that the person running the connecting server/router will have an obligation to provide his details to whatever provider *he* uses, so any of your naughtiness will be blamed on him.