How to set up a VPN connection. How to connect to a virtual private network (VPN). Video: creating and setting up a VPN

Greetings! And straight to the point. What is a VPN server for? It is mainly used to change the IP address and your country in order to bypass various site blocking at work and at home. In addition, a VPN connection helps to encrypt the traffic and thus ensures the security of the transmitted data.

For example, using public Wi-Fi, all data transmitted through the network can be “hijacked”. Theoretically, these could be any files, but usually they steal passwords from wallets, mail, Skype, and anything else. In this article we will set up our own VPN server, it is not difficult. Despite the volume of the text, the main action takes up a small part, and the rest is buns :) The article also contains a video.

There are a lot of small ones on the Internet, from free to very paid ones. Disadvantages of free VPN services:

  • limited in speed
  • instability (everything is fine, then it’s terribly slow)
  • traffic restrictions (up to several Gigabytes per month)
  • Free period restrictions
  • periodically you need to look for other services
  • It’s not a fact that the transmitted data will be safe; you shouldn’t hope for anonymity at all, I would say.

Disadvantages of paid ones:

  • the desired country or city is not always available
  • hackneyed IP addresses (used by hundreds of clients), also applies to free ones
  • there is simply a scam without a refund, for example, the traffic is not unlimited, some servers do not work or are too slow

There are also advantages of VPN services - ease of use and relative cheapness.

Own VPN server on VPS/VDS hosting

So, if you need a specific country or city, or you need a lot of traffic that VPN services do not provide, or a guarantee of security, then it makes sense to bother setting up a personal VPN server. Typically this requires in-depth knowledge system administration servers. But I tried to explain everything simply so that even a teapot could understand it)

This method also has disadvantages:

  • there is only one IP address to which you can “transfer”, but there are additional ones for a fee
  • non-trivial setup for the first time
  • paid

Read to the end, and I will show you how to use your VPS server to bypass blocks without setting up a VPN on it.

What is a VPS/VDS server?

There are countless hosting providers on the Internet. All of them allow you to host your websites with them. The most popular service is virtual hosting. More advanced is dedicated virtual server– VPS (VDS is the same thing). On VPS you can host websites, set up a VPN server, mail server, game server– yes, whatever!

You need to know that VPS servers come in several types: OpenVZ, Xen and KVM. For the VPN server to work you need KVM. The server type is indicated in the hosting plans. OpenVZ and Xen are also sometimes suitable, but you need to write to the hosting technical support and ask if the “TUN” module is connected. Without going into details about what it is for, just asking. If not, can they enable it. It also doesn't hurt to ask if the VPN itself will work (even on KVM), because... some companies cover this possibility. Oh yes, the server operating system is Debian, Ubuntu or CentOS (in general, Linux-like). Server power doesn't matter.

Setting up a VPN server

I have a KVM VPS server at my disposal. Everything works here right away, you don’t need to write anywhere.

  • When ordering a service, you can choose the simplest one tariff plan"Micro"
  • All sites open even on servers in Russia
  • There is a free trial period of 7 days
  • Technical support helps
  • For my visitors, when you enter the promotional code: itlike60 - you will receive a real 60% discount on your first payment.

“Hostname” enter any or the name of your site (if you will in the future). “OS Template” select “Ubuntu 14.04 64bit” or any of Ubuntu, Debian, CentOS:

The operating system can then be changed if suddenly something does not work out.

After payment, you will receive an email with login details for the control panel and a Root password for setting up the server. And also the IP address of the server, and this will be your IP address when we install a VPN and connect to it from a computer

Click the “Manage” button and get into the administration window:

We don't need to touch anything here. The only thing that may be needed is to reinstall the operating system - the “Reinstall” button, more on that later.

Now we need to connect to the server to send commands to it. For this we will use free program Putty.

Unpack the archive with the program and run the file putty.org.ru\PuTTY PORTABLE\ PuTTY_portable.exe

In the “Host Name” field we paste the IP address of the server that came in the letter, you can also copy it from the control panel:

and click “Connect”. If a window like this pops up, then click “Yes”:

A black console window (command line) should appear in front of us. This is where we will give commands. But first you need to log in. To do this, enter “root” in the “login” field

Then copy the root password from the letter and paste it into the “password” field. To paste here from the clipboard, you just need to click once right click mouse across the console window. However, the password is not printed on the screen, it feels like nothing happened. Everything is fine, press “Enter”. Lines with information about the system should appear. If you wrote some error, check everything again. Also, the console will not wait long while you look for the root password. If by that time an error occurs, then launch Putty again.

Installing and running the main script

We are already at the finish line in setting up our own VPN server. There are many instructions on the Internet on how to install a server, but they all require knowledge system administrator, because small nuances are overlooked. To the delight of all dummies, there is a universal script “OpenVPN road warrior” that will do all the work itself. We only need to give the command to download and run it.

So, copy this line and paste it into the console window with the right button and press “Enter”: wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

All sorts of lines will flash through and, if the script has been successfully downloaded and launched, a dialogue with us will begin with the VPN server setup wizard:

The script finds the expected value for each parameter and offers to agree with it, i.e. Press “Enter” or enter your value.

  1. The first parameter is "IP address". The script should offer the same IP of the VPS server. This should be the case in 99.9% of cases, but if for some reason this is not the case, then correct it to the correct address.
  2. Second - protocol UDP or TCP. Leave the default UDP.
  3. Go ahead, "Port: 1194"- we agree.
  4. "What DNS do you want to use with the VPN?"— select “Google”, i.e. Enter the number “2” instead of one, Enter. If Google is blocked, then we leave it as default.
  5. "Client name"- Username. You can create access for different users. By default “client” - we agree.
  6. "Press any key..."— press “Enter” and wait a few minutes until everything is installed and configured.

In general, the creation of a VPN server is now complete, it’s time to reap the benefits. During the installation process, the script created a file with settings for our computer. In order for us to use the server, this file must be downloaded. To do this, insert into command line: cat ~/client.ovpn

The contents of the “client.ovpn” file will be displayed on the screen. Now you need to carefully copy it to the clipboard. Scroll up until you enter the command, select with the mouse all the lines except the very last one (for new commands), i.e. the last highlighted line will be “ " To copy the selection to the clipboard, press “Ctrl-V”.

Now on a computer in Windows 7/8/10, open Notepad and paste the copied text into it. Save the file on your desktop under the name “client.ovpn”.

If you plan to give access to the server to other people, then it is better to create for them separate files, for example vasya.ovpn. To do this, simply run the script again and now select the 1st item - creating a new user.

Client installation for Windows 7/8/10/XP and Android

Congratulations, we are at the finish line! Now all that remains is to install a free program that will connect to our VPN server. It's called "OpenVPN".

Download the version for Windows and install it, no need to run it.

If during the installation process all sorts of windows pop up, we agree with everything.

To connect to the server, right-click on the “client.ovpn” file on the desktop and select “Start OpenVPN on this config file”:

A black window will appear indicating the connection initialization process. If everything went well, then the last line should be something like:

A window may also pop up with a question like new network, then select “Public Network”.

You can check, go to the website 2ip.ru and look at your IP, it must match the IP of the VPS server:

The server console window can now be safely closed. And to close the VPN connection and return the old IP, you need to close the OpenVPN window.

To connect next time, just right-click the “client.ovpn” file from the desktop; you don’t need to do anything else.

With phone It’s even simpler, you need to install the OpenVPN application through the playmarket, download the client.ovpn file into memory, select it in the application and connect to our VPN server.

What if something went wrong

If you feel that because of your mistake, everything is now going wrong, then you can reinstall the operating system on the hosting. To do this, click “Reinstall” in the control panel (see screenshot of the panel) and select a new operating system (or the same one):

Press the “Reinstall” button and wait 10 minutes. A new Root password will also be issued, do not lose it!

Connection errors

Most problems arise at the stage of connecting to the server in the OpenVPN program, especially in Windows 8/10. The black window may contain errors, for example:

  • FlushIpNetTable failed on interface
  • All TAP-Win32 adapters on this system are currently in use
  • CreateFile failed on TAP device
  • DNS failed..

In this case, the first thing to do is to give the program administrator rights and, accordingly, log into the system with administrator rights. Let's go to "C:\Program Files\OpenVPN\bin\", right-click on the file openvpn.exe -> properties. On the “Compatibility” tab, check the “Run this program as an administrator” checkbox. Now everything should work.

More treatment options:

  • remove the program and reinstall as administrator
  • disable the “Routing and Remote Access” service via “Control Panel -> Administration -> Services”
  • try reinstalling from or here
  • remove all VPN programs and gadgets from other paid and free services

You can find out whether the problem is with your computer or laptop if you install the OpenVPN application on your phone or tablet through the play market, upload the client.ovpn file to it and connect to our VPN server. If this doesn’t work, then you need to look for the reason on the server and write to support.

If everything works, the sites are stuck and open intermittently

Pay attention to the messages in the black window to see if there are repeated lines “read from TUN/TAP ... (code=234)”

and also to the message somewhere in the middle “WARNING: ‘tun-mtu’ is used inconsistently, local...”:

In this case, open the client.ovpn file in Notepad and in the new very first line write:

tun-mtu 'server value'

server value is the number indicated at the end of the line in the text “remote=’tun-mtu 1500′”. Substitute your meaning! In the end it should look like this:

This is done because for some reason the MTU value on the computer and on the VPS server are different. We leave the .ovpn file for the smartphone untouched!

We allow traffic through a proxy without any settings at all

You can use our VPS/VDS server as a Proxy Server. To do this, we do everything as before until we click the “Connect” button in the Putty program. There is no need to open the console and run the script. Go to the “SSH->Tunnel” tab, set Source Port: 3128

Oops, I finished the article later, here I have Putty in English, but the essence is the same.

If it writes the error “You need to specify a destination address in the form host.name:port”, then switch to “Dynamic” instead of “Local”.

On the “Connection” tab, in the “Seconds between keepalives...” field, set it to 100 seconds, this is necessary so that the connection does not break due to downtime. Now let’s connect - click “Open” and enter your login/password. Next, go to the network settings in the browser and register the proxy server there. In chrome it's “Settings->Search for settings->write ‘proxy’->Proxy server settings.” We do everything as in the screenshot:

Now all sites will work through our server, but only in the browser and some programs. Other programs will not see the proxy and will work directly. In each program, in the connection settings, if provided, you need to specify the address, port and proxy type: Socks4/5. Or install OpenVPN and don't use a proxy.

How to allow only certain sites through a proxy

Install the extension for Google Chrome or Mozilla Firefox, called . In the settings you need to add our proxy server:

On the “URL Patterns” tab we add masks for sites that should be opened through our server. The site mask is its name with asterisks on the sides.

That's it, now the added site will go through a proxy, and all others will go directly. If you click on the extension icon, you can choose to allow all sites through it or none at all.

Shortcut for automatic connection

You can connect Putty to a proxy with one click. To do this, before connecting, you need to enter the server login in the “Connection->Data” section, the one that usually root

Now you need to create a shortcut on the desktop in which you specify the following parameters:

“C:\Program Files\PuTTY\putty.exe” -load myvpn -pw server_password

Where myvpn is the name of the saved session. That's it, there is only one detail left - remove the Putty window from the taskbar to the system tray. You need to download a modification of the utility and replace the exe file. Now in the settings tab Behavior a corresponding check mark will appear, but you don’t have to do this.

In this article we will take a closer look at the process of setting up a VPN server in the operating system. Windows Server, and also answer the questions: What is a VPN and how to set up a VPN connection?

What is a VPN connection?

VPN (Virtual Private Network) is a virtual private network that is used to provide a secure connection to the network. A technology that allows you to connect any number of devices into a private network. As a rule, via the Internet.

Although this technology is not new, it has recently gained relevance due to the desire of users to maintain data integrity or privacy in real time.

This connection method is called a VPN tunnel. You can connect to the VPN from any computer, from any operating system, which supports a VPN connection. Or a VPN-Client is installed, which is capable of forwarding ports using TCP/IP to a virtual network.

What does a VPN do?

VPN provides remote connection to private networks

You can also safely combine several networks and servers

Computers with IP addresses from 192.168.0.10 to 192.168.0.125 are connected through a network gateway, which acts as a VPN server. Rules for connections via the VPN channel must first be written on the server and router.

VPN allows you to safely use the Internet when connecting even to open Wi-Fi networks in public areas (in shopping centers, hotels or airports)

And also bypass restrictions on displaying content in certain countries

VPN prevents cyber threats from interception of information by an attacker on the fly, unnoticed by the recipient.

How VPN works

Let's look at how a VPN connection works in principle.

Let's imagine that transmission is the movement of a packet along a highway from point A to point B; along the path of the packet there are checkpoints for passing the data packet. When using a VPN, this route is additionally protected by an encryption system and user authentication to secure the traffic containing the data packet. This method is called “tunneling” (tunneling - using a tunnel)

In this channel, all communications are reliably protected, and all intermediate data transmission nodes deal with an encrypted package and only when the data is transmitted to the recipient, the data in the package is decrypted and becomes available to the authorized recipient.

VPN will ensure the privacy of your information along with a comprehensive antivirus.

VPN supports such certificates as OpenVPN, L2TP, IPSec, PPTP, PPOE and it turns out to be a completely secure and safe way to transfer data.

VPN tunneling is used:

  1. Inside corporate network.
  2. Consolidation of remote offices, as well as small branches.
  3. Access to external IT resources.
  4. For building video conferences.

Creating a VPN, selecting and configuring equipment.

For corporate communications in large organizations or combining offices remote from each other, hardware is used that is capable of maintaining uninterrupted operation and security in the network.

To use the VPN service, the role of the network gateway can be: Linux/Windows servers, a router and a network gateway on which the VPN is installed.

The router must ensure reliable operation of the network without freezes. The built-in VPN function allows you to change the configuration for working at home, in an organization or in a branch office.

Setting up a VPN server.

If you want to install and use a VPN server based on the Windows family, then you need to understand that client machines are Windows XP/7/8/10 this function do not support, you need a virtualization system, or physical server on the Windows 2000/2003/2008/2012/2016 platform, but we will look at this feature on Windows Server 2008 R2.

1. First, you need to install the “Network Policy and Access Services” server role. To do this, open the server manager and click on the “Add role” link:

Select the Network and Access Policy Services role and click next:

Select "Routing and Remote Access Services" and click Next and Install.

2. After installing the role, you need to configure it. Go to Server Manager, expand the "Roles" branch, select the "Network and Access Policy Services" role, expand it, right-click on "Routing and Remote Access" and select "Configure and enable routing and remote access"

After starting the service, we consider the configuration of the role complete. Now you need to allow users access to the server and configure the issuance of IP addresses to clients.

Ports that VPN supports. After the service is raised, they open in the firewall.

For PPTP: 1723 (TCP);

For L2TP: 1701 (TCP)

For SSTP: 443 (TCP).

The L2TP/IpSec protocol is more preferable for building VPN networks, mainly for security and higher availability, due to the fact that a single UDP session is used for data and control channels. Today we will look at setting up an L2TP/IpSec VPN server on the Windows Server 2008 r2 platform.

You can try to deploy on the following protocols: PPTP, PPOE, SSTP, L2TP/L2TP/IpSec

Let's go to Server Manager: Roles - Routing and Remote Access, right-click on this role and select “ Properties", on the “General” tab, check the IPv4 router box, select “local network and demand call”, and IPv4 remote access server:

Now we need to enter the pre-shared key. Go to the tab Safety and in the field Allow special IPSec policies for L2TP connections, check the box and enter your key. (About the key. You can enter an arbitrary combination of letters and numbers there; the main principle is that the more complex the combination, the safer it is, and remember or write down this combination; we will need it later). In the Authentication Provider tab, select Windows Authentication.

Now we need to configure Connection security. To do this, go to the tab Safety and choose Authentication Methods, check the boxes EAP and Encrypted Authentication (Microsoft version 2, MS-CHAP v2):

Next let's go to the tab IPv4, there we will indicate which interface will accept VPN connections, and also configure the pool of addresses issued to L2TP VPN clients on the IPv4 tab (Set the Interface to “Allow RAS to select an adapter”):

Now let's go to the tab that appears Ports, right-click and Properties, select a connection L2TP and press Tune, we will display it in a new window Remote access connection (incoming only) And On-demand connection (incoming and outgoing) and set the maximum number of ports, the number of ports must match or exceed the expected number of clients. It is better to disable unused protocols by unchecking both checkboxes in their properties.

List of ports that we have left in the specified quantity.

This completes the server setup. All that remains is to allow users to connect to the server. Go to Server Manager Active Directory users – we find the user we want allow access press properties, go to the bookmark incoming calls

There is much more to setting up a private virtual network than just registering and activating it. Our guide will help you get the most out of this tool ensuring confidentiality and security.

Everyone should use a virtual private network (VPN), regardless of how they connect to the Internet: be it a computer or a smartphone. It may sound paranoid, but real threats do exist, and they are only getting worse. Attackers may try to intercept your personal information through Wi-Fi networks. And every time you go online, your Internet Service Provider (ISP) has access to everything you send, and Congress has given the green light to sell your anonymous information to advertisers. Across the vast Internet, advertisers and spies can track your browsing habits and location by looking at your IP address. And it sounds scary.

The fact is that the Internet was not designed to protect your privacy. It was created to facilitate the exchange of information, and not for user anonymity, privacy or encrypted communication. While an HTTPS connection does a lot to protect your information, it does not protect against attacks on ISPs or local networks, which in turn is a serious problem if you have ever used a connection that is not yours, for example, in a hotel or cafe.
And until a new, more private Internet arrives (it may never), using a VPN is the easiest way to make sure you're sharing as little personal information as possible. Make no mistake: You need a private virtual network.

What a VPN Can and Can't Do

As with other security tools, it's important to understand the limits of a VPN. After all, you wouldn't rely on a bulletproof vest to save you when you fall out of a plane, or that a parachute will stop a bullet.
When you enable a VPN, your traffic is sent through an encrypted tunnel to a server managed by the VPN company. This means that neither your ISP nor anyone (or anything) else connected to your router will see your Internet traffic. Your traffic goes to the Internet through the VPN server. If you go to a site that does not use an HTTPS connection, your traffic will no longer be encrypted.

And since your traffic originates from the VPN server, your real IP address is safely hidden. This is important because IP addresses are distributed geographically and can be used to determine your location. And if someone tries to find out your IP address, they will see the IP address of the VPN server. And this can come in handy if you want to spoof your location. By connecting to a VPN server in London, you can make it appear as if you are accessing the Internet from the UK.
Here's what a VPN can NOT do: make your traffic completely anonymous. For this purpose, you are better off using services such as Tor. This excellent anonymization tool can be easily accessed through a special version Firefox browser. Instead of passing your data through one intermediary (via a VPN server), Tor routes your information through several different computers Tor networks. This makes the process of tracking your activity and your online presence much more difficult.

On top of that, websites can track your movements through cookies, browser collection of personal information, online trackers and other clever devices. Using an ad blocker like Privacy Badger helps quell these observant pests while also making it harder for advertisers to track your movements online.
Finally, just because you have a private virtual network doesn't mean you can forget about basic security rules. Although some VPNs claim that they can block viruses, we recommend separate antivirus software for your computer as it was designed specifically to protect your computer from malware.

Also, you are better off using a password manager because using the same password over and over again is often the main cause of hacking or infection. Another caution is to use simple intuition when opening links or applications in emails. Phishing attacks—attacks where a hacker uses a fake website that's copied from a real one to trick you into entering your personal information—are so common that they've become almost commonplace, so be careful.

How to choose a VPN

When choosing a VPN, there are several key points, which are worth paying attention to. For example, a VPN service should allow you to connect five devices simultaneously, at a minimum. We also pay attention to whether the VPN service allows you to use BitTorrent traffic on its servers. Some allow it and some don't, so pay attention to that because you don't want to be disappointed with the company you pay a monthly fee to.

Speaking of fees, the average cost of a VPN is $10.53 per month. If a VPN service charges a monthly fee more than this, it doesn't mean they're ripping you off, but they should be offering something substantial in return. For example, better interface or a large number of server locations to sweeten the deal a little. You'll usually be offered a discount if you sign up for a long-term contract, but we don't advise you to do this until you're completely sure you're happy with the service.

Please read the terms of service carefully before purchasing a VPN. This document will highlight what information the VPN service stores and what it does with this information. Many companies claim that they do not keep traffic logs, which is excellent. Others go further and claim that they do not monitor user activity at all. And this is important because the VPN has access to all the information you are trying to protect from others. In the best conditions of service, all of the above points are transparently traced, but in the worst conditions, on the contrary, everything is vague, with a lot of references to details and to the law. If you feel like you are deciphering Petka's letter when reading one of these documents, rest assured that you need to contact another service. TunnelBear, for example, clearly and transparently explains its services in easy to understand language.

It's also a good idea to look at where the VPN company is located. Remember that this is not always the physical location of the company, but a legal aspect that indicates under whose jurisdiction the company operates. For example, NordVPN is located in Panama, and ProtonVPN is located in Switzerland. This means that these companies are not subject to data retention laws under which security agencies can access the information stored on them. Another example, Hide My Ass VPN is based in the UK, where similar laws are more severe.
The most important thing when choosing a VPN is trust. So if the location, price or terms of service do not inspire confidence in you, then try another service.

The best VPN services in 2019:

Paid or free VPN

We recently conducted a survey of 1,000 people about VPN use. According to our results, 62.9% of respondents say they are unwilling to pay more than $5, and 42.1% say they want to use free VPN.
Unfortunately, most VPN services are far from providing their services free of charge. Or at least less than $5. But you don't have to break a bank to be protected. After trial use of the service for 1-2 months, you can sign up for a long-term contract, thereby reducing your costs. Private Internet Access VPN is an excellent and affordable service that costs just $6.65 per month for its services (no frills).

Most VPN services offer trial period, which is usually limited in time. Others, like TunnelBear and AnchorFree Hotspot Shield Elite, offer full free versions their products, but with some restrictions that do not apply to paid users. For example, TunnelBear keeps records of the data of its free users. But the free version of Hotspot Shield runs on advertising. ProtonVPN - creators of secure postal service ProtonMail – also has a limited trial period.
The Opera browser has a built-in free VPN and does not charge anything to use it. Opera also offers excellent VPN apps separately for iOS and Android, completely free, keeping you protected wherever you go.

Let's get started

Once you install the service, the first thing you should do is download the company's app. There are usually special download pages for this on the VPN service's website. So go ahead, download the app on your mobile devices too; The more devices you protect, the better for you. In most cases, you pay once to subscribe to a certain number of licenses (usually five), and then you can use the service on any device that has a dedicated app.
We discovered that when VPN was released for Mac, the Mac versions of apps App Store sometimes may differ from the versions available on the VPN service website. Apparently, this happens due to restrictions Apple. Through trial and error, of course, you can find out which version will work for you, but we did it for you in our reviews.

Once you have installed the application, you will be prompted for input information. In most cases, this is the username and password you provided when registering. Some companies, such as Private Internet Access, assign you a username that is different from your payment information to ensure greater user privacy.
Once you're logged in, your VPN app connects to the VPN server closest to you. This is done to ensure better speed over a VPN, as latency and speed reductions increase as the distance between your actual location and the VPN server's location increases. That's it: your information is now routed through a secure tunnel to the VPN server.

Keep in mind that you don't have to install VPN app companies. Instead you can configure network parameters your device to connect directly to the VPN service. If you are concerned about possible surveillance "under the hood" of the application, then this option is good for you. Most VPN services have instructions for setting up your device.

Server selection

Sometimes you might not want to connect to a server that a VPN app recommends. You might want to spoof your location, use BitTorrent over a VPN, or want to take advantage of some of the customized servers your VPN company provides you with.
Many VPN companies include interactive map into your applications. For example, in NordVPN you can click on a country to connect to its servers. This is an accessible way to understand where your information is going, and there will likely be a list of servers you can choose from.

Choosing a server depends entirely on what you want to do. For security and speed, you better choose a server near you. To access region-specific content, you must select a server in the appropriate region. For example, if you want to watch the BBC, you're better off connecting to a UK tunnel. Some VPN companies, KeepSolid VPN Unlimited and NordVPN, for example, have dedicated servers for video streaming.

These special servers are useful because streaming services like Netflix block VPNs. We are talking about licensed content that is protected by studios and Netflix itself. For example, Netflix has the rights to provide Star Trek: Discovery outside the US, but inside the US you need to pay for CBS's All Access service.
It would also be a good idea to check whether your BitTorrent VPN service allows traffic on all servers or only on special ones. NordVPN, like many other services, makes it clear that it does not allow torrenting. But TorGuard, for example, has nothing against this and allows you to use torrents on all the company’s servers.

Services like NordVPN and ProtonVPN have advanced security options, such as Tor network access or multi-hop VPN. As noted earlier, Tor is a tool for providing a higher level of privacy. It allows you to access hidden websites on the so-called Dark Web. A multi-hop VPN works in a similar way: instead of routing your traffic through one VPN server, a multi-hop connection will transfer you first to one server and then to another. Both proposals work to the benefit of privacy, but at the expense of speed.
If you choose to ignore third party applications and configure network settings manually, you may have to enter information for each VPN server separately.

Advanced settings

The feature set of each private virtual network differs from service to service, so we can only generalize and guess what you might see when you open the settings panel. But we recommend that you read the documentation and try clicking the buttons. Most The best way learning to use something means experiencing it, after all.
Most VPN services include a Kill-Switch feature. Once enabled, this option prevents the computer from receiving or transmitting information over the Internet while the VPN is turned off. This feature is useful when your computer is disconnected from the VPN and can transmit (or receive) bits of information over an unencrypted connection.

Many services offer the option to select a VPN protocol. It looks scary because the protocols have strange, unclear names, and companies rarely provide information about what will happen if the protocol is changed. Overall, this is the kind of thing you can leave alone.
But if you are still interested, then OpenVPN is the protocol we recommend. He is in open access, so a lot of eyes looked at it for possible vulnerabilities. IKEv2 is a good, secure replacement if OpenVPN is not available. Keep in mind that on some platforms, like macOS and iPhone, OpenVPN is not always available due to additional restrictions placed on developers.

When to use a VPN

To ensure the highest level of security, you should use private virtual networks as often as possible, and ideally all the time. But this is ideal, which is not always achievable. At a minimum, you should use a VPN if you are using a network that you do not control, and especially if it is a public Wi-Fi network. But more often than not, we recommend that users configure their VPN apps to keep them running for as long as possible. You can always switch off if it starts to bother you.

VPNs for Android and other mobile devices are a bit more complicated, particularly when you're in and out of the hotspot frequently mobile network. Every time you lose and re-gain connection data, the VPN also reconnects, adding to the tedious wait. It's also least likely that your mobile traffic may be intercepted, but we've seen research that shows it's possible. Considering the fact that law enforcement and intelligence agencies have virtually unfettered access to telecommunications data, here's a good tip: use a VPN even while using cellular communication. In addition, most mobile devices can automatically connect to familiar Wi-Fi networks. At a minimum, you should use a VPN while connected via Wi-Fi, because it's easy to spoof a Wi-Fi network.

Many VPN services provide settings for how and under what circumstances they should reconnect if the connection is lost. We honestly can't think of a reason why you wouldn't want your VPN service to try to reconnect, so we encourage everyone to make sure your settings are set correctly.
If you're concerned that a VPN is slowing down your connections or blocking important traffic, then you need to look at the split tunneling option. Again, different companies give this option a different name, but the gist of it is that it will allow you to configure applications that will use the VPN connection for their traffic, and applications that will work normally. For example, TunnelBear includes an option not to tunnel Apple apps so that they can function on Mac. Streamers and gamers in need of a VPN will certainly be interested in this option.

How to Use a VPN to Stream via Chromecast or AirPlay

Chromecast and AirPlay let you stream music and videos from your computer or mobile device on speakers, TVs and other streaming devices. But they all require Wi-Fi, which can be problematic if you're using a VPN.
When VPN is enabled, your traffic travels through an encrypted tunnel, which prevents devices connected to the same Wi-Fi network from detecting each other. This is how it should work, because you don't want anyone just being in range of your network to find out what you're doing. Sad to say, this also means Chromecast and AirPlay won't work while you're using a VPN.

The simplest solution is to turn off the VPN, but it is not the only one. You can use split tunneling, as noted earlier, to route only the traffic you want to protect through the VPN. You can also enable the VPN-browser plugin; it only encrypts browser traffic and nothing else.
Alternative solution: You can install a VPN on your router. After this, all devices connected to your router (from your phone to your smart juicer) will use encrypted traffic. This is an excellent solution for well-equipped smart homes.

Private virtual networks are not nuclear physics

VPNs may seem like some mystical security tool at first glance, but many companies work hard to make them clear and easy to use. Most of them are no longer difficult. That's how it should be. And while it’s never a good idea to shell out money for protection from potential threats, a VPN is one of the best and easiest ways to protect your network traffic from... Yes, everything.

The best VPN services in 2019:

Denial of responsibility: This article is written for educational purposes only. The author or publisher did not publish this article for malicious purposes. If readers would like to use the information for personal gain, the author and publisher are not responsible for any harm or damage caused.

Telegram has been blocked, free proxies and VPNs work intermittently due to a large influx of users or stop functioning altogether without explanation, like.

Paid tools can also disappear at any time: the law banning anonymizers and VPNs was passed a long time ago, but has not yet been applied. In this situation, the only guarantee of freedom on the Internet is your own VPN. Lifehacker will tell you how to set it up in 20 minutes.

Choosing hosting

To set up a VPN, you need a VPS - virtual private server. You can choose any hosting provider, as long as the following conditions are met:

  • The server is located in a country that does not fall under the jurisdiction of Russian authorities, but is quite close to your real location.
  • Random access memory (RAM) must be at least 512 MB.
  • Network interface speed is 100 MB/sec and higher.
  • Network traffic- 512 GB and above or unlimited.

The amount of allocated hard disk space and the type of drive does not matter. You can find a suitable solution for $3–4 per month.

When purchasing a server, choose KVM. OpenVZ and Xen are also suitable if they have TUN connected - you need to ask about this at technical service hosting provider.

There is no need to perform any additional manipulations with KVM, although some hosting providers may limit the ability to create a VPN on it. You can also clarify this with the support service.

When setting up a server, you can enter any value in the “Hostname” item: for example, test.test. The prefixes NS1 and NS2 are also not important: we write ns1.test And ns2.test.

Operating system - CentOS 7.4 64 bit or any other distribution, there are no fundamental differences in the settings. Leave the network traffic at 512 GB or select additional volume if you are afraid that the existing one will not be enough. Location - the closer, the better. The Netherlands will do.

After payment, you will receive an email with all the necessary data to set up a VPN. You have purchased space on a server in another country, all that remains is to redirect all traffic to it.

Setting up a VPN

We will use the Putty program to connect to the server and send commands. I received a link to it in an email with registration data for hosting. You can download the program. Putty and its analogues are also available on macOS, the settings will be identical.

Launch Putty. On the Session tab, in the Host Name field, enter the IP address that came in the letter and click Open.

When a warning window appears, click Yes. After this, the console will launch, through which you will send commands to the server. First you need to log in - the authorization data is also in the letter from the hoster. Login will be root, type it by hand. Copy the password to the clipboard. To paste the password into the console, right-click and press Enter. The password will not be displayed in the console, but if you are logged in, you will see information about the system or server number.


There should not be much time between entering your login and password. If an error message appears, restart Putty and try again.

To configure the VPN, I used the ready-made OpenVPN road warrior script. This method does not guarantee complete anonymity, so the user can be easily found when committing illegal actions. But it is enough to bypass the blocking. If all VPN services stop working, this connection will continue to function as long as I pay for hosting.

To use the script, paste the line wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh into the console.

After successfully adding the script, a dialogue with the setup wizard will start. It independently finds the optimal values, all you have to do is agree or choose the appropriate option. All actions are confirmed by pressing the Enter key. Let's go in order:

  1. The IP address must match the IP address that you received in the letter from the hoster.
  2. Leave the default protocol as UDP.
  3. Port:1194 - agree.
  4. Which DNS to use - select Google. Erase 1 , write 3 and press Enter.
  5. Client name - enter the user name. You can leave client.
  6. Press any key - press Enter again and wait until the settings are completed.

After completing the setup, you need to create a file through which you will connect to the VPN. Enter the command cat ~/client.ovpn.

The contents of the file will appear in the console. Scroll up to the command cat ~/client.ovpn and select everything that appears below except the last line. The selection should end at. To copy a fragment, press Ctrl + V.

Launch Notepad, paste the copied fragment and save the file on your desktop with the name client.ovpn.

Connecting to the server

To connect using the created file, you need an OpenVPN client. The computer version can be downloaded. Download and install the program, but do not run it. Right click on the file client.ovpn and select Start OpenVPN.

A console window will appear with the connection initialized. If the connection was successful, the Initialization Sequence Completed status will appear below. During the connection process, a network selection window may appear, click on the public network.

To make sure the connection is correct, . It must match the one the hoster wrote in the letter. To stop sending requests to a server in another country, close the OpenVPN window.

OpenVPN also has clients for mobile devices.

To establish a connection, transfer the file to the phone memory client.ovpn. Launch the application and select OVPN Profile. Specify the path to the file and move the slider to the “Enabled” position.


A VPN connection icon will appear at the top. To verify that traffic is being routed through a server in another country, open mobile browser any IP address checking service.

Electronic communications are improving every year, and information exchange increasingly high demands are placed on speed, security and quality of data processing.

And here we will take a closer look vpn connection: what is it, what is a VPN tunnel for, and how to use a VPN connection.

This material is a kind of introductory word to a series of articles where we will tell you how to create a vpn on various operating systems.

VPN connection what is it?

So, a virtual private network vpn is a technology that provides a secure (closed from external access) connection of a logical network over a private or public one in the presence of high-speed Internet.

Such a network connection of computers (geographically distant from each other at a considerable distance) uses a “point-to-point” connection (in other words, “computer-to-computer”).

Scientifically, this connection method is called a VPN tunnel (or tunnel protocol). You can connect to such a tunnel if you have a computer with any operating system that has an integrated VPN client that can “forward” virtual ports using the TCP/IP protocol to another network.

Why do you need a VPN?

The main benefit of a vpn is that negotiaters need a connectivity platform that not only scales quickly, but also (primarily) ensures data confidentiality, data integrity, and authentication.

The diagram clearly shows the use of VPN networks.

Rules for connections over a secure channel must first be written on the server and router.

How VPN works

When a connection occurs via VPN, the message header contains information about the IP address of the VPN server and the remote route.

Encapsulated data passing over a shared or public network cannot be intercepted because all information is encrypted.

The VPN encryption stage is implemented on the sender's side, and the recipient's data is decrypted using the message header (if there is a shared encryption key).

After the message is correctly decrypted, a VPN connection is established between the two networks, which also allows you to work on a public network (for example, exchange data with a client 93.88.190.5).

Concerning information security, then the Internet is an extremely unsecured network, and a VPN network with OpenVPN, L2TP / IPSec, PPTP, PPPoE protocols is completely secure and in a safe way data transmission.

Why do you need a VPN channel?

VPN tunneling is used:

Inside the corporate network;

To unite remote offices, as well as small branches;

For digital telephony services with a wide range of telecommunications services;

To access external IT resources;

For building and implementing video conferences.

Why do you need a VPN?

vpn connection necessary for:

Anonymous work on the Internet;

Downloading applications when the IP address is located in another regional zone of the country;

Safe work in corporate environment using communications;

Simplicity and convenience of connection setup;

Provisions high speed connections without interruptions;

Creating a secure channel without hacker attacks.

How to use VPN?

Examples of how VPN works can be given endlessly. So, on any computer in the corporate network, when you establish a secure VPN connection, you can use mail to check messages, publish materials from anywhere in the country, or download files from torrent networks.

VPN: what is it on your phone?

Access via VPN on a phone (iPhone or any other Android device) allows you to maintain anonymity when using the Internet in public places, as well as prevent traffic interception and device hacking.

A VPN client installed on any OS allows you to bypass many of the provider’s settings and rules (if the provider has set any restrictions).

Which VPN to choose for your phone?

Mobile phones and smartphones running Android OS can use applications from Google Playmarket:

  • - vpnRoot, droidVPN,
  • - tor browser for network surfing, also known as orbot
  • - InBrowser, orfox (firefox+tor),
  • - SuperVPN Free VPN Client
  • - OpenVPN Connect
  • - TunnelBear VPN
  • - Hideman VPN

Most of these programs are used for the convenience of “hot” system setup, placing launch shortcuts, anonymous Internet surfing, and selecting the type of connection encryption.

But the main tasks of using a VPN on a phone are checking corporate email, creating video conferences with several participants, and holding meetings outside the organization (for example, when an employee is on a business trip).

What is VPN on iPhone?

Let's look at which VPN to choose and how to connect it to your iPhone in more detail.

Depending on the type of network supported, when you first start the VPN configuration on your iPhone, you can select the following protocols: L2TP, PPTP and Cisco IPSec (in addition, you can “make” a VPN connection using third-party applications).

All of the listed protocols support encryption keys, user identification using a password and certification are carried out.

Among additional functions When setting up a VPN profile on an iPhone, you can note: RSA security, encryption level, and authorization rules for connecting to the server.

For iPhone phone From the appstore you should choose:

  • - free application Tunnelbear, with which you can connect to VPN servers in any country.
  • - OpenVPN connect is one of the best VPN clients. Here, to launch the application, you must first import RSA keys via iTunes into your phone.
  • - Cloak is a shareware application, since for some time the product can be “used” for free, but to use the program after the demo period has expired, you will have to buy it.

VPN creation: selection and configuration of equipment

For corporate communications in large organizations or combining offices remote from each other, they use hardware equipment that can support continuous, secure work on the network.

To implement VPN technologies, the role of a network gateway can be: Unix servers, Windows server, network router and network gateway on which VPN is installed.

The server or device used for creating vpn enterprise network or VPN channel between remote offices must perform complex technical tasks and provide a full range of services to users both on workstations and on mobile devices.

Any router or VPN router must provide reliable operation on the network without freezes. And the built-in VPN function allows you to change the network configuration for working at home, in an organization or in a remote office.

Setting up VPN on the router

In general, setting up a VPN on a router is done using the router’s web interface. On “classic” devices, to organize a VPN, you need to go to the “settings” or “network settings” section, where you select the VPN section, specify the protocol type, enter the settings for your subnet address, mask and specify the range of IP addresses for users.

In addition, to secure the connection, you will need to specify encoding algorithms, authentication methods, generate agreement keys, and specify DNS server WINS. In the “Gateway” parameters you need to specify the gateway IP address (your own IP) and fill in the data on all network adapters.

If there are several routers in the network, you need to fill out the VPN routing table for all devices in the VPN tunnel.

Here is a list of hardware equipment used to build VPN networks:

Dlink routers: DIR-320, DIR-620, DSR-1000 with new firmware or Router D-Link DI808HV.

Routers Cisco PIX 501, Cisco 871-SEC-K9

Linksys Rv082 router with support for about 50 VPN tunnels

Netgear router DG834G and routers models FVS318G, FVS318N, FVS336G, SRX5308

Mikrotik router with OpenVPN function. Example RouterBoard RB/2011L-IN Mikrotik

VPN equipment RVPN S-Terra or VPN Gate

ASUS routers models RT-N66U, RT-N16 and RT N-10

ZyXel routers ZyWALL 5, ZyWALL P1, ZyWALL USG