Sunday, December 29, 2013

VPN service updates

I have been using paid VPN service for over a year now.  Now it's about $6/7 a month so that's not bad compared to some dedicated service.  VPN is flexible that meet my several needs.

I tried Kryptotel for a month, then three, then a year.  It's that good.  But recently the service was unreliable.  The server may becomes slow, that's when I switch to another random server.  It usually works great but it seems that all the servers are busy.

When my subscription ended, I was surprised that they don't sell openvpn anymore!  The company's business is all about encryption, and I have been taking it seriously because it is an offshore company setup for that purpose.

Maybe they are pressured not to sell something that is not crackable?  They still sell other VPN's.  May be openvpn is too difficult to support?  Their local techs do seem not to know what they are doing, but very responsive.  Maybe they can't compete with Openvpn itself, selling VPN by bandwidth.  That's a very good deal if you just want to protect you IP and privacy from coffee shops.

I changed to Mullvad and so far so good.  The servers are not as fast as when I used Kryptotel a year ago.  But much better than the last days of Kryptotel Openvpn.  Their advantage is that for random servers they have some in Eastern Europe.  That seemed to be popular for some p2p applications.  But your bank and facebook will be very suspicious.   You can also use servers only from some countries if you change the server address.  I have a script for that to switch servers developed for Kryptotel.

They have the same "bug" or feature that couldn't make it work out of the box for linux.  It's the pushed option from the server:

redirect gateway def1 bypass-dhcp

They have to bypass dhcp for Windows but it's an illegal option in Linux.  So the whole option is discarded.  So in your client config file you need to add:

redirect gateway def1

And my lesson learned - never pay for the whole year.

Openvpn works on a lot of my platforms now.  Ubuntu insists on separate certificate files.  Ipad works if you email the single config file to yourself and open it.  Android works if you just drop the separate files to the phone.  But it doesn't work for some stick computers because they don't include a kernel module.  But you can root and upgrade.  DD-wrt accept separate files pasted into dialog boxes.  Chrome OS the same.  But I didn't try the latter two.  I will be surprised if they don't work.

1 comment:

Edward said...

this is an excellent website and i like it very much.

using a vpn in china
unblock vpn