Cheap VPN

From: ANT_THOMAS24 Nov 2016 22:30
To: ALL1 of 20
Not sure how many people would be bothered or interested on here but I thought it might be useful for some.

Since the "Snoopers Charter" seems to be going full steam ahead I thought it would be worth looking into a VPN to try and prevent the logging of Internet history by the ISP.

A month or so ago I rented a very cheap VPS server for £4.50/year. Low spec, shared IPv4 address (unique IPv6), 20 available ports. It didn't do what I wanted at the time, but I remembered this evening I still had it so had a play. It didn't take long but it's now running OpenVPN and currently all the web traffic from my laptop and phone is going through it. Eventually if it works consistently I'll set it up on my dd-wrt router.

There's also a server for £2.50/year which is just silly cheap, with less RAM and less HDD space.
http://www.i-83.net is the place. I got the LDN-256 option, as I wanted a bit more RAM and HDD space at the time. You'll probably want a UK based server so all the browsing is still UK region/language.

From what I've read it's only the mainstream broadband ISPs that will be doing the logging and not datacenters, but I could be wrong. Also, with it being a shared IPv4 address there will be plenty of traffic coming out of the other end from multiple servers so that could be good in terms of making it difficult pinpointing who/what/etc. I guess it could be logged internally, but I wonder if they'd bother on servers so cheap.

If anyone is interested in some instructions I'll post them tomorrow anyway.
EDITED: 24 Nov 2016 22:31 by ANT_THOMAS
From: koswix24 Nov 2016 22:54
To: ANT_THOMAS 2 of 20
Definitely interested, possibly want one outside of the UK though so I can still watch my favourite panda fisting videos, too.
EDITED: 24 Nov 2016 22:54 by KOSWIX
From: Kenny J (WINGNUTKJ)25 Nov 2016 11:14
To: koswix 3 of 20
As far as I can tell, for this kind of thing, you're OK as long as the panda is dead. The so-called "Cameron Defence".

Swan-frotting, on the other hand, is right out.
From: CHYRON (DSMITHHFX)25 Nov 2016 19:14
To: koswix 4 of 20
What's "unconventional" about panda fisting?
From: ANT_THOMAS25 Nov 2016 19:34
To: ALL5 of 20
So, basically. Get a cheapo NAT based VPS from here - https://i-83.net
Apparently they've got a Black Friday deal on for 15% off! (code - 15OFFNAT)
As mentioned, I went for the £4.50/year London option.

I installed ubuntu 14.04 lts x64 since it's nice and easy. I imagine the Debian options will be fine too.

I initially followed the instructions here - https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-ubuntu-14-04 - but it didn't work in the end, but it did teach me about most of the settings, which was nice.

I then followed these instructions, which is basically just an automated script - https://quadhost.net/account/knowledgebase/6/Install-OpenVPN-on-a-NAT-Server.html

This worked great first time. One setting I added to /etc/openvpn/server.conf was
Code: 
duplicate-cn
This means you can use the same client file across multiple devices, saving you from generating a new one for new devices. It will generate a client.ovpn file which you transfer to your devices and load into the openvpn client.


The biggest issue I had when I first rented the server was getting my head around the NAT based port system. It's actually fairly simple. If I read the initial emails that were sent I would have realised that.

The server the VPS is on has an IPv4 IP - this is the external IP
Your VPS has an internal IP - essentially a LAN IP. The port numbers are based off that eg:

External IP
123.123.123.123

Internal IP
192.168.40.50

Your open ports are defined by the last part of the IP "50"
Open ports:
5001-5020
and 5022 for SSH

So 123.123.123.123:5022 would be the SSH port/address for your VPS.
EDITED: 25 Nov 2016 19:35 by ANT_THOMAS
From: CHYRON (DSMITHHFX)26 Nov 2016 12:30
To: ANT_THOMAS 6 of 20
Do you (or anyone) know if it's possible to run vpn on a 'conventional' web server without messing up the latter's ip access to internet/lan via internal router and external dhcp? Thinking of trying it on our work ubuntu 14.04, but not if it nukes it.
EDITED: 26 Nov 2016 12:31 by DSMITHHFX
From: koswix26 Nov 2016 12:55
To: CHYRON (DSMITHHFX) 7 of 20
The hard part is nailing them to the wagon wheel.
From: ANT_THOMAS26 Nov 2016 14:19
To: CHYRON (DSMITHHFX) 8 of 20
To use the system in question as a an OpenVPN server?

If so, then as far as I can tell everything remains normal. It's only connecting devices/clients that have their network stuff changed for accessing things outside of the LAN. On my laptop and phone all my web traffic seems to go through the VPN and local traffic moves as normal.

I guess with a true business VPN you should be able to get access to that servers internal network from the VPN clients. No idea if I can do that. Probably possible if various interfaces are bridged or something.
From: CHYRON (DSMITHHFX)26 Nov 2016 14:20
To: ANT_THOMAS 9 of 20
Probably need to ask our isp to open port(s), unless it's going through ssh in which case already open.
From: CHYRON (DSMITHHFX)26 Nov 2016 14:21
To: koswix 10 of 20
Nail gun makes pretty short work of it.
From: ANT_THOMAS26 Nov 2016 14:25
To: CHYRON (DSMITHHFX) 11 of 20
You'll just need one spare port, if you don't already have one open.

OpenVPN defaults to 1194
From: koswix26 Nov 2016 15:35
To: CHYRON (DSMITHHFX) 12 of 20
Essential, doesn't help with holding them still though.
From: BarHenly (BARHEN)26 May 2017 11:48
To: koswix 13 of 20
Okay, since the topic suggested me about cheap vpn, I found this Purevpn review and got the most cheap yet with extra feature vpn. I am not sure I'll get it this week, I am running low on Nord's subscription but I think I'll buy this one.
From: koswix26 May 2017 17:29
To: BarHenly (BARHEN) 14 of 20
Does it support panda fisting?
From: Rich28 May 2017 22:07
To: ALL15 of 20
This guy's been busy keeping this comparison matrix up to date:
https://docs.google.com/spreadsheets/d/1L72gHJ5bTq0Djljz0P-NCAaURrXwsR1MsLpVmAt3bwg/edit
From: ANT_THOMAS28 May 2017 22:51
To: Rich 16 of 20
Holy shit, that's a lot of info.
From: gracia (GRACEINC) 7 Jun 2017 09:41
To: BarHenly (BARHEN) 17 of 20
Do you use this and does this provide a dedicated IP addon. 
From: gracia (GRACEINC) 7 Jun 2017 09:41
To: ALL18 of 20
Most i am concerned is that if it is cheap it might as well be keeping logs.
From: Laurence Burke (LAURENCE_BURKE)15 Mar 2018 13:38
To: gracia (GRACEINC) 19 of 20
I was using PureVPN and every time I got the issue about it that's why I want to switch to another VPN in reliable price after searching someone suggests me the article where guide about the best cheap VPN is given after following the guidelines I switch to NordVPN. It's really good cheap VPN.
APPROVED: 15 Mar 2018 13:58 by MILKO
Message 41843.20 was deleted