Discussion:
[ale] VPN recommendations?
Jeff Layton via Ale
2018-03-16 12:28:29 UTC
Permalink
Good morning,

I've thought about VPN solutions for a while since I travel quite a bit.
I'd like it to have a good number of US connections but also some around
the world. And of course, I want it to be as fast as possible and not
collect any of my data (if possible). Any recommendations?

Thanks!

Jeff

_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
James Sumners via Ale
2018-03-16 12:31:45 UTC
Permalink
I got a lifetime subscription to https://celo.net/ from a techdirt.com deal
some time ago. I use it occasionally with decent results.
Post by Jeff Layton via Ale
Good morning,
I've thought about VPN solutions for a while since I travel quite a bit.
I'd like it to have a good number of US connections but also some around
the world. And of course, I want it to be as fast as possible and not
collect any of my data (if possible). Any recommendations?
Thanks!
Jeff
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
--
James Sumners
http://james.sumners.info/ (technical profile)
http://jrfom.com/ (personal site)
http://haplo.bandcamp.com/ (music)
James Taylor via Ale
2018-03-16 14:48:18 UTC
Permalink
If you don't need to do file transfers, an html5 vpn solution might be an answer.
The Sophos UTM has a home edition that provides that for free.
I use the commercial version for all of my interactive remote access for my office and my customers.
You can install it on a vm or a spare pc.
-jt



James Taylor
678-697-9420
I got a lifetime subscription to https://celo.net/ from a techdirt.com deal
some time ago. I use it occasionally with decent results.
Post by Jeff Layton via Ale
Good morning,
I've thought about VPN solutions for a while since I travel quite a bit.
I'd like it to have a good number of US connections but also some around
the world. And of course, I want it to be as fast as possible and not
collect any of my data (if possible). Any recommendations?
Thanks!
Jeff
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
--
James Sumners
http://james.sumners.info/ (technical profile)
http://jrfom.com/ (personal site)
http://haplo.bandcamp.com/ (music)


_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Solomon Peachy via Ale
2018-03-16 12:39:58 UTC
Permalink
I've thought about VPN solutions for a while since I travel quite a bit. I'd
like it to have a good number of US connections but also some around the
world. And of course, I want it to be as fast as possible and not collect
any of my data (if possible). Any recommendations?
It depends a lot on where you're travelling, and why.

I've been many places that block VPNs entirely, and will also drop SSH
connections if you try to push too much traffic through them.

Your best bet might be something that offers an "SSL VPN" that
essentially tunnels everything over HTTPS. It was the only way I
could get to Google in China, for example.

- Solomon
--
Solomon Peachy pizza at shaftnet dot org
Coconut Creek, FL ^^ (email/xmpp) ^^
Quidquid latine dictum sit, altum videtur.
DJ-Pfulio via Ale
2018-03-16 13:04:24 UTC
Permalink
Post by Jeff Layton via Ale
Good morning,
I've thought about VPN solutions for a while since I travel quite a bit. I'd
like it to have a good number of US connections but also some around the world.
And of course, I want it to be as fast as possible and not collect any of my
data (if possible). Any recommendations?
VPNs change their policies all-the-time. The good ones change from week to week.
What can we do? TorrentFreak does a review of VPNs every year, usually in
February.

I run my own VPN at home, for when I'm away. It uses openvpn AES256 and works
just like the VPN services. Works surprisingly well for my 15/3 slow-ass
connection.

I also use PIA for when I'm at home and want to exit in a different place.
Google doesn't like it when you do that and sends scary sounding emails that
someone has taken over an account. Pffffft. PIA has different ports for
different ciphers and both UDP and TCP are supported. Even if you are on a
hotel with HTTPS/443/TCP only allowed, you can connect to PIA.

Here's that table of connections:
https://helpdesk.privateinternetaccess.com/hc/en-us/articles/225274288-Which-encryption-auth-settings-should-I-use-for-ports-on-your-gateways-

Any VPN with exit nodes in Russia has provided their master keys to the Russia govt.
PIA has been asked for logs by the FBI:
"A subpoena was sent to London Trust Media and the only information they could
provide is that the cluster of IP addresses being used was from the east coast
of the United States," the FBI's complain reads. "However, London Trust did
provide that they accept payment for their services through credit card with a
vendor company of Stripe and/or Amazon."

If you have ssh working to your home, you can use it as a SOCKS proxy from
anywhere too. It will leak non-TCP data, however - like DNS.

Lots of different methods to secure a connection when away from home. If you
want more security, probably want to use IPSec. From time to time, openvpn does
have bugs.

I just extended my PIA subscription. There is a $60/2 yr deal going on now.
Existing customers will see a prorated offer in their dashboard.

PIA owns freenode (IRC), but oddly, I've never been able to use freenode with an
active PIA connection. What's up with that?
_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
DJ-Pfulio via Ale
2018-03-16 13:13:29 UTC
Permalink
Post by DJ-Pfulio via Ale
VPNs change their policies all-the-time. The good ones change from week to week.
What can we do? TorrentFreak does a review of VPNs every year, usually in
February.
This is unclear. Sorry. Because VPN providers enter the market all the time,
which is "da best" changes all the time.

There are free VPNs - where your traffic is the product. Just depends on what
you really want.

Also, you can run your own VPN on a VPS if you don't want it at home, but still
want to have control and don't trust the big VPN providers. If you set it up
right, it would be about 3 minutes to bring it up and would only need to be
running when you are traveling, so the total cost would be pretty small at a
pay-by-the-minute VPS.

Lots-o-options.

_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
dev null zero two via Ale
2018-03-16 13:17:34 UTC
Permalink
I can highly recommend PIA and Torguard wrt # of locations around the world
AND speed. I can reach the single thread limit of the OpenVPN client on my
CPU (130 Mb/s) with both services.

however, if you are going to heavily restricted countries that actively
monitor VPN endpoints, your best bet is to setup your own Shadowsocks
server as that is less detectable.
Post by DJ-Pfulio via Ale
Post by DJ-Pfulio via Ale
VPNs change their policies all-the-time. The good ones change from week
to week.
Post by DJ-Pfulio via Ale
What can we do? TorrentFreak does a review of VPNs every year, usually
in
Post by DJ-Pfulio via Ale
February.
This is unclear. Sorry. Because VPN providers enter the market all the time,
which is "da best" changes all the time.
There are free VPNs - where your traffic is the product. Just depends on what
you really want.
Also, you can run your own VPN on a VPS if you don't want it at home, but still
want to have control and don't trust the big VPN providers. If you set it up
right, it would be about 3 minutes to bring it up and would only need to be
running when you are traveling, so the total cost would be pretty small at a
pay-by-the-minute VPS.
Lots-o-options.
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Byron Jeff via Ale
2018-03-16 13:31:57 UTC
Permalink
I have PIA (Private Internet Access) also. It's usable, but I get a bit
frustrated that it seems to drop heavily loaded connections at the drop of
a hat. I finally wrote a script that monitors the tunnel and restarts it
when it drops. It also incorporates a kill switch using IP tables so that
there is no leakage back to the ordinary connection when the tunnel drops.

Overall it works, but the continual starting and stopping kills the
throughput.

There are a ton of pages and requests on the subject of PIA dropping
connections. I never found a workable solution that stops the dropped
connedctions. So I really just have a band-aid that mitigates the fact that
I know it's going to drop.

But it's $3 and change a month. Can't complain about the price.

BAJ
Post by dev null zero two via Ale
I can highly recommend PIA and Torguard wrt # of locations around the
world AND speed. I can reach the single thread limit of the OpenVPN
client on my CPU (130 Mb/s) with both services.
however, if you are going to heavily restricted countries that actively
monitor VPN endpoints, your best bet is to setup your own Shadowsocks
server as that is less detectable.
Post by DJ-Pfulio via Ale
VPNs change their policies all-the-time. The good ones change from
week to week.
Post by DJ-Pfulio via Ale
What can we do? TorrentFreak does a review of VPNs every year,
usually in
Post by DJ-Pfulio via Ale
February.
This is unclear. Sorry. Because VPN providers enter the market all the time,
which is "da best" changes all the time.
There are free VPNs - where your traffic is the product. Just depends on what
you really want.
Also, you can run your own VPN on a VPS if you don't want it at home, but still
want to have control and don't trust the big VPN providers. If you set it up
right, it would be about 3 minutes to bring it up and would only need to be
running when you are traveling, so the total cost would be pretty small at a
pay-by-the-minute VPS.
Lots-o-options.
_______________________________________________
Ale mailing list
[3]https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
[4]http://mail.ale.org/mailman/listinfo
References
3. https://mail.ale.org/mailman/listinfo/ale
4. http://mail.ale.org/mailman/listinfo
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
--
Byron A. Jeff
Associate Professor: Department of Computer Science and Information Technology
College of Information and Mathematical Sciences
Clayton State University
http://faculty.clayton.edu/bjeff
_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Lightner, Jeffrey via Ale
2018-03-16 13:35:07 UTC
Permalink
Don't use the one Norton offers. It works for a bit but gets progressively slower to the point of becoming unusable. I had to remove and reinstall it 2-3 times before I finally removed it completely.

As an FYI: Opera has a built in VPN that works reasonably well for web surfing. They claim they never track where you go.

-----Original Message-----
From: Ale [mailto:ale-***@ale.org] On Behalf Of Byron Jeff via Ale
Sent: Friday, March 16, 2018 9:32 AM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] VPN recommendations?

I have PIA (Private Internet Access) also. It's usable, but I get a bit frustrated that it seems to drop heavily loaded connections at the drop of a hat. I finally wrote a script that monitors the tunnel and restarts it when it drops. It also incorporates a kill switch using IP tables so that there is no leakage back to the ordinary connection when the tunnel drops.

Overall it works, but the continual starting and stopping kills the throughput.

There are a ton of pages and requests on the subject of PIA dropping connections. I never found a workable solution that stops the dropped connedctions. So I really just have a band-aid that mitigates the fact that I know it's going to drop.

But it's $3 and change a month. Can't complain about the price.

BAJ
Post by dev null zero two via Ale
I can highly recommend PIA and Torguard wrt # of locations around the
world AND speed. I can reach the single thread limit of the OpenVPN
client on my CPU (130 Mb/s) with both services.
however, if you are going to heavily restricted countries that actively
monitor VPN endpoints, your best bet is to setup your own Shadowsocks
server as that is less detectable.
Post by DJ-Pfulio via Ale
VPNs change their policies all-the-time. The good ones change from
week to week.
Post by DJ-Pfulio via Ale
What can we do? TorrentFreak does a review of VPNs every year,
usually in
Post by DJ-Pfulio via Ale
February.
This is unclear. Sorry. Because VPN providers enter the market all the time,
which is "da best" changes all the time.
There are free VPNs - where your traffic is the product. Just depends on what
you really want.
Also, you can run your own VPN on a VPS if you don't want it at home, but still
want to have control and don't trust the big VPN providers. If you set it up
right, it would be about 3 minutes to bring it up and would only need to be
running when you are traveling, so the total cost would be pretty small at a
pay-by-the-minute VPS.
Lots-o-options.
_______________________________________________
Ale mailing list
[3]https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
[4]http://mail.ale.org/mailman/listinfo
References
3. https://mail.ale.org/mailman/listinfo/ale
4. http://mail.ale.org/mailman/listinfo
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
--
Byron A. Jeff
Associate Professor: Department of Computer Science and Information Technology College of Information and Mathematical Sciences Clayton State University http://faculty.clayton.edu/bjeff _______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
dev null zero two via Ale
2018-03-16 14:09:46 UTC
Permalink
Norton VPN
Opera VPN
what list is this?!?

.. just giving you shit.
Don't use the one Norton offers. It works for a bit but gets
progressively slower to the point of becoming unusable. I had to remove
and reinstall it 2-3 times before I finally removed it completely.
As an FYI: Opera has a built in VPN that works reasonably well for web
surfing. They claim they never track where you go.
-----Original Message-----
Sent: Friday, March 16, 2018 9:32 AM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] VPN recommendations?
I have PIA (Private Internet Access) also. It's usable, but I get a bit
frustrated that it seems to drop heavily loaded connections at the drop of
a hat. I finally wrote a script that monitors the tunnel and restarts it
when it drops. It also incorporates a kill switch using IP tables so that
there is no leakage back to the ordinary connection when the tunnel drops.
Overall it works, but the continual starting and stopping kills the throughput.
There are a ton of pages and requests on the subject of PIA dropping
connections. I never found a workable solution that stops the dropped
connedctions. So I really just have a band-aid that mitigates the fact that
I know it's going to drop.
But it's $3 and change a month. Can't complain about the price.
BAJ
Post by dev null zero two via Ale
I can highly recommend PIA and Torguard wrt # of locations around the
world AND speed. I can reach the single thread limit of the OpenVPN
client on my CPU (130 Mb/s) with both services.
however, if you are going to heavily restricted countries that
actively
Post by dev null zero two via Ale
monitor VPN endpoints, your best bet is to setup your own Shadowsocks
server as that is less detectable.
Post by DJ-Pfulio via Ale
VPNs change their policies all-the-time. The good ones change from
week to week.
Post by DJ-Pfulio via Ale
What can we do? TorrentFreak does a review of VPNs every year,
usually in
Post by DJ-Pfulio via Ale
February.
This is unclear. Sorry. Because VPN providers enter the market all the time,
which is "da best" changes all the time.
There are free VPNs - where your traffic is the product. Just depends on what
you really want.
Also, you can run your own VPN on a VPS if you don't want it at
home, but still
want to have control and don't trust the big VPN providers. If you set it up
right, it would be about 3 minutes to bring it up and would only need to be
running when you are traveling, so the total cost would be pretty small at a
pay-by-the-minute VPS.
Lots-o-options.
_______________________________________________
Ale mailing list
[3]https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
[4]http://mail.ale.org/mailman/listinfo
References
3. https://mail.ale.org/mailman/listinfo/ale
4. http://mail.ale.org/mailman/listinfo
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
--
Byron A. Jeff
Associate Professor: Department of Computer Science and Information
Technology College of Information and Mathematical Sciences Clayton State
University http://faculty.clayton.edu/bjeff ______________________________
_________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Steve Litt via Ale
2018-03-16 14:32:54 UTC
Permalink
On Fri, 16 Mar 2018 09:04:24 -0400
Post by DJ-Pfulio via Ale
I run my own VPN at home, for when I'm away. It uses openvpn AES256
and works just like the VPN services. Works surprisingly well for my
15/3 slow-ass connection.
Why wouldn't everybody do your openvpn solution for when they're on the
road?

SteveT
_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
DJ-Pfulio via Ale
2018-03-16 15:44:03 UTC
Permalink
Post by Steve Litt via Ale
On Fri, 16 Mar 2018 09:04:24 -0400
Post by DJ-Pfulio via Ale
I run my own VPN at home, for when I'm away. It uses openvpn AES256
and works just like the VPN services. Works surprisingly well for my
15/3 slow-ass connection.
Why wouldn't everybody do your openvpn solution for when they're on the
road?
I can think of a few good reasons, but mainly, you just don't want to tie your
current location with your home location.

A few other reasons NOT:

Sometimes you might be in a location that you really don't trust - even with a
VPN and wouldn't want to provide access to your HOME LAN for any attackers.

Getting openvpn working seems to be non-trivial due to all the configuration
options.

Perhaps the home has poor internet or poor power? Needing to use a VPN, but not
being able to connect will likely lead to poor security choices.

Not everyone is comfortable running a server from their home. They might believe
that the ToS from their ISP prohibits it for personal use, which I don't believe
is the case, but everyone has to follow their conscience. Personal use is fine,
even for residential accounts based on conversations I've had with ISPs over the
decades.

Not everyone wants to leave **any** computer running at home when they aren't there.

There are other reasons NOT to host from any specific location, as with most
choices.
_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Alex Carver via Ale
2018-03-16 18:04:58 UTC
Permalink
Post by DJ-Pfulio via Ale
Post by Steve Litt via Ale
On Fri, 16 Mar 2018 09:04:24 -0400
Post by DJ-Pfulio via Ale
I run my own VPN at home, for when I'm away. It uses openvpn AES256
and works just like the VPN services. Works surprisingly well for my
15/3 slow-ass connection.
Why wouldn't everybody do your openvpn solution for when they're on the
road?
I can think of a few good reasons, but mainly, you just don't want to tie your
current location with your home location.
Depending on the application in use your current location can be hidden
(e.g. mobile Firefox). Your "location" ends up being the exit IP of the
VPN. This is what I see when I'm on my phone using my VPN at home.
Post by DJ-Pfulio via Ale
Sometimes you might be in a location that you really don't trust - even with a
VPN and wouldn't want to provide access to your HOME LAN for any attackers.
Easy way out for this: Give yourself two openvpn profiles with two
static IP addresses for the tunnel (statics are easy to do as is). Set
up iptables on the VPN server to allow Profile A unrestricted access to
your home LAN and Profile B is only allowed to reach the gateway and any
IP address on the WAN. If you're in a scary place, log in with Profile B.
Post by DJ-Pfulio via Ale
Getting openvpn working seems to be non-trivial due to all the configuration
options.
Most of the defaults work fine. The only specific bits to choose are
the encryption algorithms and the key sizes.
Post by DJ-Pfulio via Ale
Perhaps the home has poor internet or poor power? Needing to use a VPN, but not
being able to connect will likely lead to poor security choices.
Not everyone is comfortable running a server from their home. They might believe
that the ToS from their ISP prohibits it for personal use, which I don't believe
is the case, but everyone has to follow their conscience. Personal use is fine,
even for residential accounts based on conversations I've had with ISPs over the
decades.
Not everyone wants to leave **any** computer running at home when they aren't there.
To tie two threads together I run openvpn on a Pi 2. :) It takes about
four seconds to negotiate a connection and then it works pretty well
after that. My ISP service isn't terribly fast in one direction so
there's some sluggishness at times but for basic browsing, email and
even VNC it works well enough. I also have SSH on that Pi as well so I
can tunnel in via that if VPN is being slow.
_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Arie vW via Ale
2018-03-20 15:55:38 UTC
Permalink
Not to hijack the thread, but I recently began toying with the idea of
purchasing Mullvad as an external VPN. I currently have an OpenVPN Server
running on my server at home which I use to access my home network from
time to time (mainly to stream my Plex library).
Now forgive my ignorance, and if I need to read up on a topic please don't
hesitate to point me in that direction; but is it possible to run my own
OpenVPN server next to a Mullvad VPN? Is it just a matter of having both
VPN's config files in /etc/openvpn and then choosing which instance to
launch? I probably would not attempt to run them in tandem, although if I
were to connect to my home server via my VPN then try and open Mullvad
would it cause issues?

From https://mullvad.net/en/guides/linux-openvpn-installation/:
3. copy mullvad_ca.crt, mullvad_crl.pem, mullvad_xx.conf and
mullvad_userpass.txt to /etc/openvpn/ (use sudo)
Cheers,
Arie
Post by DJ-Pfulio via Ale
Post by DJ-Pfulio via Ale
Post by Steve Litt via Ale
On Fri, 16 Mar 2018 09:04:24 -0400
Post by DJ-Pfulio via Ale
I run my own VPN at home, for when I'm away. It uses openvpn AES256
and works just like the VPN services. Works surprisingly well for my
15/3 slow-ass connection.
Why wouldn't everybody do your openvpn solution for when they're on the
road?
I can think of a few good reasons, but mainly, you just don't want to
tie your
Post by DJ-Pfulio via Ale
current location with your home location.
Depending on the application in use your current location can be hidden
(e.g. mobile Firefox). Your "location" ends up being the exit IP of the
VPN. This is what I see when I'm on my phone using my VPN at home.
Post by DJ-Pfulio via Ale
Sometimes you might be in a location that you really don't trust - even
with a
Post by DJ-Pfulio via Ale
VPN and wouldn't want to provide access to your HOME LAN for any
attackers.
Easy way out for this: Give yourself two openvpn profiles with two
static IP addresses for the tunnel (statics are easy to do as is). Set
up iptables on the VPN server to allow Profile A unrestricted access to
your home LAN and Profile B is only allowed to reach the gateway and any
IP address on the WAN. If you're in a scary place, log in with Profile B.
Post by DJ-Pfulio via Ale
Getting openvpn working seems to be non-trivial due to all the
configuration
Post by DJ-Pfulio via Ale
options.
Most of the defaults work fine. The only specific bits to choose are
the encryption algorithms and the key sizes.
Post by DJ-Pfulio via Ale
Perhaps the home has poor internet or poor power? Needing to use a VPN,
but not
Post by DJ-Pfulio via Ale
being able to connect will likely lead to poor security choices.
Not everyone is comfortable running a server from their home. They might
believe
Post by DJ-Pfulio via Ale
that the ToS from their ISP prohibits it for personal use, which I don't
believe
Post by DJ-Pfulio via Ale
is the case, but everyone has to follow their conscience. Personal use
is fine,
Post by DJ-Pfulio via Ale
even for residential accounts based on conversations I've had with ISPs
over the
Post by DJ-Pfulio via Ale
decades.
Not everyone wants to leave **any** computer running at home when they
aren't there.
To tie two threads together I run openvpn on a Pi 2. :) It takes about
four seconds to negotiate a connection and then it works pretty well
after that. My ISP service isn't terribly fast in one direction so
there's some sluggishness at times but for basic browsing, email and
even VNC it works well enough. I also have SSH on that Pi as well so I
can tunnel in via that if VPN is being slow.
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Alex Carver via Ale
2018-03-20 16:12:42 UTC
Permalink
Post by Arie vW via Ale
Not to hijack the thread, but I recently began toying with the idea of
purchasing Mullvad as an external VPN. I currently have an OpenVPN Server
running on my server at home which I use to access my home network from
time to time (mainly to stream my Plex library).
Now forgive my ignorance, and if I need to read up on a topic please don't
hesitate to point me in that direction; but is it possible to run my own
OpenVPN server next to a Mullvad VPN? Is it just a matter of having both
VPN's config files in /etc/openvpn and then choosing which instance to
launch? I probably would not attempt to run them in tandem, although if I
were to connect to my home server via my VPN then try and open Mullvad
would it cause issues?
3. copy mullvad_ca.crt, mullvad_crl.pem, mullvad_xx.conf and
mullvad_userpass.txt to /etc/openvpn/ (use sudo)
Cheers,
Arie
You can have as many profiles as you want on any particular device
(assuming the same client software is used, e.g. openvpn, etc.) and you
can have more than one client software as well (I have two on my phone,
one for work and one for home) though they may or may not run together
(see below). Just choose the one you want to use at that time and go.

Running one and then running the other will likely cause you extreme
headaches if you weren't thinking about that when setting up the
profiles. You have to decide what each profile is intended to do,
whether it's a partial or full tunnel, and how you want traffic routed.

In an extreme example: if you had set up both as full tunnels started
them both (since your personal VPN is accessible from the Internet at
large) you would probably end up using a VPN over a VPN (tunnel inside a
tunnel) and everything would be super slow but working.

If they were partial tunnels things might still work though it depends
on the device and whether more than one VPN can operate. My phone
refuses to start two VPNs, a laptop might not complain so much.

_______________________________________________
Ale mailing list
***@ale.org
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Arie vW via Ale
2018-03-20 16:24:10 UTC
Permalink
Ah, yes. The tunneling issue makes sense, thank you!
Arie
Post by Alex Carver via Ale
Post by Arie vW via Ale
Not to hijack the thread, but I recently began toying with the idea of
purchasing Mullvad as an external VPN. I currently have an OpenVPN Server
running on my server at home which I use to access my home network from
time to time (mainly to stream my Plex library).
Now forgive my ignorance, and if I need to read up on a topic please
don't
Post by Arie vW via Ale
hesitate to point me in that direction; but is it possible to run my own
OpenVPN server next to a Mullvad VPN? Is it just a matter of having both
VPN's config files in /etc/openvpn and then choosing which instance to
launch? I probably would not attempt to run them in tandem, although if I
were to connect to my home server via my VPN then try and open Mullvad
would it cause issues?
3. copy mullvad_ca.crt, mullvad_crl.pem, mullvad_xx.conf and
mullvad_userpass.txt to /etc/openvpn/ (use sudo)
Cheers,
Arie
You can have as many profiles as you want on any particular device
(assuming the same client software is used, e.g. openvpn, etc.) and you
can have more than one client software as well (I have two on my phone,
one for work and one for home) though they may or may not run together
(see below). Just choose the one you want to use at that time and go.
Running one and then running the other will likely cause you extreme
headaches if you weren't thinking about that when setting up the
profiles. You have to decide what each profile is intended to do,
whether it's a partial or full tunnel, and how you want traffic routed.
In an extreme example: if you had set up both as full tunnels started
them both (since your personal VPN is accessible from the Internet at
large) you would probably end up using a VPN over a VPN (tunnel inside a
tunnel) and everything would be super slow but working.
If they were partial tunnels things might still work though it depends
on the device and whether more than one VPN can operate. My phone
refuses to start two VPNs, a laptop might not complain so much.
_______________________________________________
Ale mailing list
https://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo
Continue reading on narkive:
Loading...