Answer the question
In order to leave comments, you need to log in
The nuances of choosing and setting up a VPN - what to look for?
Good afternoon!
There was a need to use VPN.
The goal is to minimize the likelihood of attracting the attention of special services (provided there is no illegal activity), bypassing censorship.
I don’t understand networks and VPNs at all, so I’m sorry in advance.
Given:
- Home network with RB3011 at the input
- Mobile devices, incl. android phones and laptops that are used both inside the home network and outside it (the mobile Internet of the cellular provider \ local guest wi-fi APs are used).
Accordingly, questions:
1. VPN services usually limit the maximum number of connections. If you set up a VPN immediately on the RB3011, will it be one connection from the point of view of the VPN service, regardless of the number of end users in the home network?
2. Is it possible to configure RB3011 so that everything goes through the VPN, but the torrents go in addition to it "in the open", because. does this limit the list of VPN services and generally (at least for now) is not needed?
4. I met this opinion:
3. How to choose a service in terms of protocols (OpenVPN, PPTP, L2TP, IPSec) - as far as I understand, RB3011 has been able to do IPSEC for some time now , does this mean that I need to choose among the services that support it, given what I want configure VPN on RB3011?
First, it's just very expensive $12. For €5, you can get a seedbox for a month and get a free VPN included. $9 debrid for a month also with free fast VPN.
Everything that is more expensive than $5 does not make sense to discuss, IMHO.
Secondly, this particular NordVPN does not have proxy settings in the client. Therefore, it cannot be used from the local area behind a proxy.
when checking "anonymity" on various services, open ports and the provider's OWN dns vpn are visible
Answer the question
In order to leave comments, you need to log in
1) Don't buy a VPN, deploy it yourself. You buy a VPS somewhere with the possibility of deploying a VPN (for example, $2.49 / month for "zomro"). Deploy L2TP + IPSEC. If you don’t know how to do it yourself, use the ready-made scripts on the same github and connect your router to it already.
https://github.com/hwdsl2/setup-ipsec-vpn
2) Yes, you can. It is done by traffic marking. IP-Firewall-Mangle. You create a rule and in Action you specify Mark Routing with the necessary name. After that, IP-routes and you wrap the marked traffic on the VPN. Or vice versa. You specify the default route - VPN, and only wrap torrents to your provider.
You can read about Mangle on the Mikrotik wiki.
https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/...
3) Without IPSec - your tunnel will be insecure. You MUST use IPSec. The optimal solution is L2TP+IPSec. Forget about OpenVPN forever if you want stability.
4) Request from Google: "cheap vps in Europe". For $3 this issue is solved.
5) That's right. But now proxies are almost never used anywhere.
6) when checking anonymity, everything is taken into account. From enabled webrtc to OS language, time and time zone, screen resolution, etc. So, if you want to "dig in" in a complex way, then VPN is one of many factors. And to think that a VPN will solve all the problems with anonymity is like buying an armored door and installing a lock for 200 rubles.
7) The fact that he sees all the requests that you use. And it's really very annoying. There is an article on the forum:
How to hide DNS requests from the prying eyes of the provider.
I advise you to take a look at it.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question