Bypass blocked VPN restrictions
from moe93@lemmy.dbzer0.com to privacy@lemmy.ml on 22 Jul 00:40
https://lemmy.dbzer0.com/post/49498462

I have recently been finding myself on a network (cellular) that blocks access to VPN. I have tried Wireguard on multiple ports using IVPN and Windscribe with no luck. Similarly tried OpenVPN and IKEv2.

I also tried using Windscribe’s “stealth” protocol and IVPN’s obfuscation protocol but again with no luck.

I refuse to rawdog the internet like that and was hoping to get advice on how to work around that nonsense.

I am on iOS if that matters.

#privacy

shortwavesurfer@lemmy.zip on 22 Jul 01:11

You could potentially get your own VPS server and set that up as a VPN server; that way you’re not connecting to a known VPN.

Edit: You might also try using Tor.

moe93@lemmy.dbzer0.com on 22 Jul 08:49

I have a Wireguard tunnel running on my home server back home in the US. I am currently outside of the US and that Wireguard tunnel won’t connect if I am on cellular connection for this one specific provider that I am using atm.

I have never attempted to use Tor as a VPN on my iOS device, how is the performance in terms of making Signal calls for example?

shortwavesurfer@lemmy.zip on 22 Jul 15:16

Oh, I see. I don’t think you can make calls over Tor because I think it’s TCP only. Not UDP.

Could it be an IP addressing problem by chance where the telecom provider doesn’t support say IPv6 while your home network is IPv6? If so, they may not be blocking it, so much as it’s not possible to make the connection to begin with.

moe93@lemmy.dbzer0.com on 22 Jul 15:57

My home server VPN is IPv4. The VPN provider I have uses both IPv4/6. Neither of those work.

At this point I am inclined to believe the network carrier is performing DPI as I also can’t use OpenVPN on TCP 80 and TCP 443, which are generally hard to block unless provider is intentionally looking into it…at least that’s my understanding.

shortwavesurfer@lemmy.zip on 22 Jul 18:14

That very well could be. As I mentioned earlier, you might get yourself a VPS and set up an SSH tunnel or something like that, but otherwise I have no idea.

I do know that you can use Signal over Tor because I do so, but I only use it for the sending messages and voice messages part. As I said, I think the audio call uses UDP and Tor is TCP only to the best of my knowledge.

The only other thing I could think of would be to try a mix net such as Nym.

furrowsofar@beehaw.org on 22 Jul 01:21

Usually openvpn via tls port 443 is the least blocked.

user224@lemmy.sdf.org on 22 Jul 02:52

I also had luck with UDP on port 123. On some public WiFi networks I could even connect to internet that way without agreeing to ToS on “login page”.

SheeEttin@lemmy.zip on 22 Jul 01:27

A VPN isn’t rawdogging the Internet. For that you should use stuff like ad blockers. A VPN only protects against traffic inspection by on-path attackers like ISPs, though HTTPS mitigates most of that, leaving only metadata. It also changes the apparent origin of your connection.

If possible, I’d change providers.

Geodad@lemmy.world on 22 Jul 01:56

Please name and shame your provider. I’d like to know which ones to avoid.

moe93@lemmy.dbzer0.com on 22 Jul 08:52

I am on a trip and using a local carrier in the country I am currently staying at, carrier is called Zain.

med@sh.itjust.works on 22 Jul 02:51

Have you tried Tailscale with an exit node? Could be worth a test; if it works, some combination of other providers might too.

Melody@lemmy.one on 23 Jul 02:51

I second tailscale. But this requires you to be using it at home as well.

hellfire103@lemmy.ca on 22 Jul 09:36

Honestly, this sounds like a job for Tor. Install Orbot, possibly enable a bridge, and you should be good to go. Onion Browser is recommended for use with Tor, but Safari will work just fine.

I have never tried calling over Tor, but I have never had an issue with the speed before (although it is inherently slower than a VPN).

Tor Bridge Types

* obfs4 makes your traffic appear “random”
* snowflake disguises your traffic as VoIP
* meek-azure makes it look like you’re connecting to Microsoft services
* meek-amazon makes it look like you’re connecting to AWS
* meek-google makes it look like you’re connecting to Google

slackness@lemmy.ml on 22 Jul 12:24

You can use Tor: orbot.app

Cheapest way to not be in this situation is to run an exit node on your home network and route your traffic through when you’re travelling (dead simple with Tailscale).

Also try Mullvad’s circumvention methods.

dajoho@sh.itjust.works on 22 Jul 21:46

Try setting your VPN to listen on UDP, port 53 (usually used by DNS). If that fails, it’s going to be some sort of deep packet inspection, yes.