I haven’t seen a dedicated thread for VPN’s and the discussions therein, so here we go.

So a quick explanation, which I’m sure we’re all aware of, what is a VPN?

A virtual private network extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Wikipedia

The next point of concern is what VPNs are out there and to name a few. In no specific order, perhaps just a few of the best known:

---

Express VPN

The best VPN for streaming, privacy and speed.

Number of servers: 3,000+ | Speeds: Unlimited | VPN locations: 160 in 94 countries | Maximum devices supported: 5 | 24/7 live chat: Yes | 30 day money-back guarantee: Yes

Among the fastest VPNs out there
Wide device support
30-day free trial
Ace 24/7 support service
Only five devices simultaneously

---

Nord VPN

The world’s most famous VPN is also among the best.

Number of servers: 5,400+ | Server locations: 80+ in 59 countries | Maximum devices supported: 6 | 24/7 live chat: Yes | 30 day money back guarantee: Yes

Excellent focus on security
Fresh security audit in mid-2020
NordLynx delivers incredible speeds
Tons of servers
Mobile apps can be awkward

---

Surfshark

Fast, affordable, and super simple to use

Number of servers: 3,200+ | Server locations: 100+ in 65 countries | Maximum devices supported: Unlimited | 24/7 live chat: Yes | 30 day money back guarantee: Yes

Unlimited devices supported
Reliable and quick connections
Longer plans are great value
Great for streaming
Apps are fairly simple

---

So this thread came about as I was considering my options for a VPN. I would need something that I can put dedicated IP into a router or even console configuration. Also, what sort of context are you running a VPN, we have to consider things like exposing us to country locked content that is otherwise available in other countries, not to mention platforms like Netflix or Disney Plus.

What say you all, do you use a VPN and are you comfortable with their rates, and terms and conditions? Let’s open the discussion.

We use Winscribe:

I know its technically not good to do, but its for accessing us netflix, prime and all those kind of things. So far no issues and it works great on my tablet as well

Just dropped OpenVPN subscription. Frankly, I don’t trust off the shelf, VPN services. But even if I did, what they offer, as far as VPN functionality, doesn’t even come close to what’s possible. But read on.

I roll various versions of my own services. Wireguard VPN, is the software sitting behind the servers, when I want to route all the traffic from a device as a whole, through a server. I’ve setup this to route only certain traffic, that’s applicable, rather than every possible network packet.

If all I need is actually a proxy, ie. i just need an internet browser to route it’s traffic, then use the lazy choice of a normal socks5 proxy.

There’s also the poor man’s proxy, where you stand up a bog standard server in a random location, and port forward traffic through an ssh tunnel.

And last scenario, slack’s nebula overlay network, which allows computers to communicate over the internet, as if they’re on their own separate network, but without any particular gateway ip needing to foot the bill for bandwidth. This is bloody nice.

Clearly I’m no longer in the loop of what is on offer in this scope. I’ve been out of the techincal field for too long. Perhaps it’s good to include or even group the diufferent types, offers, and solutions that are out there?

I use SurfShark. I paid just under R1000 for 27 months of access…

Been using them for years, $5 a month.

No logs at all. Netflix and Prime video is still blocked using though ;-(

It uses six different VPN protocols : L2TP/IPSec, OpenVPN, SSTP, SoftEther, PPTP, and IKEv2. It provides strong data encryption and high speed connections , as well as unlimited bandwidth use. Peer-to-peer and torrent file sharing are allows on the Germany, Netherlands and Romania servers. CactusVPN also offers a SmartDNS option, which allows you to unblock over 200 websites .

I also use Surfshark as I needed a cheap way to connect to the US for my Disney + subscription, and it works well enough. Also got a crazy good deal on it, especially compared to some other VPN’s out there. I can highly recommend.

Same here! Only using it for Disney+ currently. Latency to US is a bit slow and quite noticable, so I connect to UK. Gives me access to The Mandalorian and the boy access to Puppy Dog Pals, so I’m happy!

Open google, type “Top 10 VPN providers 2021”, click “I’m feeling lucky”, read article, pick one.

Why?

Doesn’t do the same thing as say Nord, as you can’t change your endpoint location.

Yes and no; Some, not all.

When you connect to a proxy server, it becomes an intermediary between your device and the internet. All of your internet traffic gets rerouted through the proxy server, making it appear to have come from the proxy server’s IP address.
ssh -D 1337 -q -C -N myuser@myserver <- Congratulations your PC is now a SOCKS proxy and all your browser if configured to use 127.0.0.1:1337 will send traffic to the internet via whatever myserver is

As explained above, however you’re still going to foot the bill for the traffic egress. This will get tied back to you because well, you’re paying in one way or another.

Someone is paying for the bandwidth, also someone is running the service, which you don’t have access to.

VPN I use is PureVPN I used to have NordVPN but felt like it was just fail sometimes. I managed to get a PureVPN for a 5-year plan was I think R1500 so that’s not bad I think

Appreciate you going through my post, but you misunderstood quite a lot.

Care to elaborate? Just to clear up the “misunderstanding”

Let’s start…

What is a VPN?

In the simplest of terms it’s an encrypted connection between your device and a VPN server.

What is a VPN Service?

a VPN service is a service that uses a VPN protocol to tunnel the user’s internet traffic so an IP address of the service provider’s server appears to the public to be the IP address of the user.

What is WireGuard?

WireGuard is a free and open-source software application and communication protocol

Which current VPN Service providers offer WireGuard?

IVPN, Mullvad and Nord

The rest all still use OpenVPN. Nord by default is still OVPN based unless you use NordLynx.

What does say NordVPN log (in fact quite a few of these providers don’t log anything)?
Traffic? Nope, DNS Requests? Nope, Usage? Nope, Your IP address? Nope

Now what about Slack Nebula?

Nebula is a mutually authenticated peer-to-peer software defined network. Nebula’s user-defined groups allow for provider agnostic traffic filtering between nodes. Discovery nodes allow individual peers to find each other and optionally use UDP hole punching to establish connections from behind most firewalls or NATs. Number of VPN providers that use this : 0

I’ll just quote directly from the Slack engineering blog :

A few years ago, Slack was using IPSec to provide encrypted connectivity between regions. This approach worked well in the beginning, but quickly became an operational burden to manage our growing network. It also came with a small but measurable performance impact, because every packet destined for another region had to be routed through an IPSec tunnel host, adding a hop in the network route. We searched for an IPSec replacement, and even tried a few possible solutions, but none of them met our needs.

More importantly, as our software stack and service grew in complexity, network segmentation became increasingly difficult. One of our core problems was related to segmentation when crossing various network boundaries. Most cloud providers offer some form of user-defined network host grouping, often called “security groups”, which allow you to filter network traffic based on group membership, as opposed to individually by IP address or range. Unfortunately, as of this writing, security groups are siloed to each individual region of a hosting provider. Additionally, there is no interoperable version of security groups between different hosting providers. This means that as you expand to multiple regions or providers, your only useful option becomes network segmentation by IP address or IP network range, which becomes complex to manage.

Given our requirements, and the lack of off-the-shelf options that could meet our encryption, segmentation, and operational requirements, we decided to create our own solution.

I feel so dumb right now… And thats AFTER I read these whitepapers

But seriously, this is the reason off the shelf VPNs are so popular, because who has the time to roll their own?

Well you can roll your own, but it depends on what you want ultimately.

Most VPN services are popular because they do one thing really well : “mask where your traffic is actually coming from”

Wow dude, n betjie onbeskof there hey. I meant I run wireguard on my VPN servers. Using a VPN, has different use cases, so I mentioned proxy server, because that’s how most people use their VPN, so that their IP pops up somewhere else, not at home. Next mentioned the ssh tunnel, because it’s similar to that. And lastly, nebula for connecting 2 or more computers over the internet, without needing a VPN, but with some of the features that come with something like an office or corporate VPN. Related perhaps, but not actually the same.

Call me Yente, but next time there’s a tech security conference you two should really share a room.
#justsaying

Maybe I am wrong but from what I have been reading here. It all comes down to what you want to use and how you want to use it.

Updated my Firefox and was presented with this, Mozilla VPN, sadly it is not available in our region. But you could always use another VPN to access this VPN to set up a VPN… okay I’ll stop cos that could go on forever.