VPN Recommendations for pfSense?



  • Hi,

    I am looking into VPN's for pfSesne and am wondering what people are using out there?

    I am after performance, no logs, reasonably priced of course, US servers etc…

    Any recommendations would be great, thanks.


  • Banned

    @tmacka88:

    no logs … US servers

    ROFL. Good luck.





  • @tmacka88:

    here are some i found.

    https://www.bestvpn.com/blog/5266/5-best-vpns-for-usa/

    Spammiest article ever.  Probably wrong too.  Last I heard VyprVPN logs the crap out of what you do and keeps the info for 90 days.

    Go with PIA.



  • Private Internet Access is awesome, i have been using them for about 6 months now. Pfsense is connected 100% of the time.



  • I also recommend Private Internet Access. I've been with them for about a month now. pfSense is connected 100% of the time and speeds are great. It's hard to beat their price too.



  • thanks,

    Private Internet Access does look good. ill give them a shot.



  • If I so impolitely (I'm Dutch, we're world famous for that  ;D) could ask a question to the above peoples who endorse PIA: how did you get it to work? Because I am having a very hard time doing that, and I bought my trial based on the comments in this - and another - thread.

    I've documented my struggle here:

    https://forum.pfsense.org/index.php?topic=75251.msg410817#msg410817

    I'd be in debt for the golden tip  ;D

    Thank you in advance,



  • @tmacka88:

    thanks,

    Private Internet Access does look good. ill give them a shot.

    Yeah, i am actually on Google Fiber's 1Gbps plan and can pull around 700-800 through the VPN tunnel pretty consistently, without much latency added.


  • Netgate Administrator

    @Atlantisman:

    and can pull around 700-800 through the VPN tunnel pretty consistently, without much latency added.

    Wow.  :o That's in a different league to VPNs I've tried (and given upon).

    Steve



  • Consider using Hidemyass. It's compatible to all kinds of devices and you can be sure that your connection won't drop. It is also fast and reliable.



  • AirVPN



  • I can confirm the reliability of PIA, as it is on almost all of the time and hardly has any speed loss which actually makes me wonder if any traffic is actually encrypted at all (my external IP does change when using it, that it does).

    However, on another note: I have just been advised (again) to ditch it yesterday as it is considered one big data warehouse.

    The bold 'again' is because it has been said before by wise men in this thread: https://forum.pfsense.org/index.php?topic=63976.

    The recommended approach is to use your own VPS, and even multiple of them in a chain. The problem is: a lot of work to install, maintain and pay for for a SOHO user  :-[

    I also do recognize that the 1001 'VPN-review sites' are simply marketing scams, in which providers pay for a nice review. Couple that with user complaints being deleted from the 'customer support' 'forums', and it is a very easy job to scam people into paying. Of course, if you really want to perfect the money scam you will not provide a free trial but 'offer money back' (for which the customer will have to wait six months, will have to send 147 angry reminder emails which will not be answerred, and due to which the customer will almost get a heart attack out of angriness over the scum at the other side of the line), you will have no contact information aside from an email form on your website and a 'really professional looking' business adress which actually is a rented square meter in a 'suite' in a 'business location center', and you will of course ignore any questions about who owns the hardware, the qualifications of the technical staff, and so on.

    Most of these scams are so easy to see through ;D

    That being said, I am currently looking at some other VPN-providers (despite understanding the chaining of VPS's would be superior), and will report back my findings.

    The hosting on amazon would be nice too (the response in the thread I linked to in the above), but I still haven't found how to do this.



  • I have VyperVPN as part of a Usenet package I subscribe to.  I wouldn't think of using it for private stuff.  The US surveillance regime has already corrupted every IT company on Earth.  Like someone else already said, the only way to do VPN these days is to do it yourself with a VPS, and even then you don't know if you're actually secure or not.  I already rent a VPS just to act as a Tor Exit Node.  Maybe I should look into configuring some sort of VPN on it.



  • I would suggest PureVPN must check out its details and features.. They don't logs, reasonable price and multiple servers in US.. I hope compatible with pfsense



  • @doktornotor:

    @tmacka88:

    no logs … US servers

    ROFL. Good luck.

    If any of you believe that you are using a non-logging public VPN service in the USA that is truly private that you didn't set up yourself, you are delusional.



  • Do not go for PIA, it's US-based.

    Here are some VPN's from my list (feel free to disagree with me on these, also say why):
    BolehVPN, Proxy.sh, Mullvad, AirVPN, Cyber Ghost, VPN.ac



  • IPVanish is best for USA in 2015 I hope it will support pfsense as well.. IPVanish offer good speed and don't keep logs. have US and other countries servers with great protocols. Best USA VPN



  • No logging, specific country, speed, unlimited bandwidth… there are many angles to choose from. The least expensive one I found is from vpn.sh - 2 GBP per month. Good for light use. In fact I got an offer 2 GBP per year recurring plan. Now second year.



  • Seriously, if you are worried about logs, don't go with any commercial VPN provider.  Rent your own VPS for $10-20/month and run your own VPN on it, as well as lots of other cool stuff.  All these VPN providers taht say they don't log… how do you know, and why would you take them at their word?  Run your own box and be done with the uncertainty.



  • I have been using VPN and tried several VPN services. I am currently using IPVanish, it is one of the leading VPN service now and it is might be the best choice for pfSense. It has servers in almost 60 counties and a perfect choice for gamers, security experts and streaming lovers due to its fast service and amazing features. I recommend yiu to check out the detail IPVanish review in which you will get more important insights, exclusive deal from IPVanish



  • Hi as relevant as your question is I'm still wondering why you would need a VPN for pfSense because it is a Firewall technology that is doing half the job the VPN would do. If you do need one anyway that is based outside USA and takes no logs, I have been reviewing them for a long time now so here are the best ones I can suggest:

    1. PureVPN - based in Hong Kong
    2. Boleh VPN - based in Iran
    3. Ivacy VPN - based in Hong Kong



  • Since my last post, I spun up an OpenVPN instance on my VPS.  Works like a charm, and no logs.



  • But it's still your server, so you are responsible for it.. Or am I wrong?



  • Of course I'm responsible for it.  However, I run a Tor Exit node on that VPS as well, so I have some plausible deniability.  At the end of the day, if I feel like stealing a movie I really don't give two shits about the MPAA.  What are they going to do, nibble my bum?


  • Netgate

    ProXPN claims to keep no logs and I think you can pay in bitcoin.



  • @KOM:

    Seriously, if you are worried about logs, don't go with any commercial VPN provider.  Rent your own VPS for $10-20/month and run your own VPN on it, as well as lots of other cool stuff.  All these VPN providers taht say they don't log… how do you know, and why would you take them at their word?  Run your own box and be done with the uncertainty.

    Most VPS will come with a fixed ip, so it doesnt really matter too much what solution is used, beit VPS, Tor or a free Proxy service of sorts, logging will always take place at one or more points along the route.

    This kind of explains the situation https://blog.torproject.org/blog/plaintext-over-tor-still-plaintext and when you consider things like Web browsers report back to Google, and all activity if running windows is reported back to MS, theres few ways to surf anonymously.

    The problem with Tor, is that it doesnt add a variable delay to the traffic it routes, which is also a flaw with some Bitcoin tumblers incidentally, as you dont need to see whats encrypted as long as you can trace the encrypted data as it passes along nodes, until it reaches its destination. Even though traffic is encrypted, its possible to work out when data is encrypted and when its just an empty tube shielded by encryption, they have different patterns.

    Even if using a VPS or Tor Exit nodes that exist in a hostile territory, its still possible to work out and spot identifying patterns which can be used to aggregate various online sessions together which will over time usually make it possible to identify who someone is, as we all leak data, even simple things like the time of posting can link someone to a timezone. Thats sums up some of the work of the NSA & other spooks.



  • no logs…..US servers

    I've tried Mullvad, NordVPN and Anonine. Mullvad should be fine because they don't want name, email. Nord sucks because I got disconnected every now and then. Moreover, they renew your account automatically. With Anonine my connection goes down virtually every hour! And they won't do a refund! This is almost theft. Don't ever subscribe to Nord or Anonine. Lokun looks promising since they are based in Iceland and they don't do advertising. But quite expensive. I use Ipvanish, I did some research a few month ago before all this nonsense for ways to get out of my corporate network, they seemed to come back the best for anonymity.



  • Thats sums up some of the work of the NSA & other spooks.

    Nothing is perfect but you want to make it as hard as possible for them.  No free lunch for snoops.



  • here it is explained properly why not to use VPNs services from USA.

    https://www.privacytools.io/



  • @n3by:

    here it is explained properly why not to use VPNs services from USA.

    https://www.privacytools.io/

    Definitely plenty VPN providers around nowadays that are based outside of US jurisdiction and law.

    Very relevant to this entire topic thread: I just wrote up this 10,000+ word "ultimate guide to privacy" – http://fried.com/privacy , and would really like feedback on it. I want it to be as useful and all-encompassing at is can be, so any feedback or suggested additions are hugely appreciated guys.

    Chris



  • Recently I was heading with the same question and looking for good and fast vpn so some one suggested me a good source http://www.fastvpnservice.com/ and now I am using hidemyass and I am much satisfied with its performance and speed and you can also use hidemyass as it is also compatible with pfsense, I am hopeful this information helps you and others who are looking for the same info.



  • I use ExpressVPN it is not US-based VPN so best and ideal for USA it has strong network of servers in the USA and it is also compatible with pfSense and other VPN routers and all devices and operating systems



  • In case no one has seen it…

    WHICH VPN SERVICES TAKE YOUR ANONYMITY SERIOUSLY? 2016 EDITION

    https://torrentfreak.com/vpn-anonymous-review-160220/



  • AirVPN



  • I like Cyberghost



  • I've said it here before, but I like running my own VPS so that I can implement OpenVPN on it and then I am SURE that no logs are being stored.  You can rent some VPSes for like $5/month.  A few of those around the world and you have your own VPN network chain with multiple PoPs.

    As for that VPN Privacy survey dealie, I don't really trust the entity to accurately report on itself.  "Do you keep logs?"  "NO WAY MAN!!!"  Except that they do, and you can't prove it, and there is no penalty for them lying to you.  That is why I refuse to rely on a 3rd-party service for privacy.  Granted I don't really care too much about logging.  I'm not hacking the Pentagon, and the RIAA/MPAA can kiss my shiny metal ass since I'm not in the US.



  • My vote goes to Private Internet Access - their "no logs" was tested with a court order (look on torrentfreak.com you should be able to find the article.)  Service is reliable based on my experience and can't beat the price.

    Renting your own box is a pretty bad idea since anything in or out of it will be traced back to you very easily.

    If you need more security then you should likely nest VPNs.



  • Renting your own box is a pretty bad idea since anything in or out of it will be traced back to you very easily.

    How so?  They would either have to have direct control over my box, or be in a position to monitor the traffic coming and going from my host.  If they're already at that point, you're screwed anyway.  I didn't mention that I'm also a Tor exit node, so I have a shit-ton of random traffic flying around at a sustained 10 Mb/s.



  • @KOM:

    Renting your own box is a pretty bad idea since anything in or out of it will be traced back to you very easily.

    How so?  They would either have to have direct control over my box, or be in a position to monitor the traffic coming and going from my host.  If they're already at that point, you're screwed anyway.  I didn't mention that I'm also a Tor exit node, so I have a shit-ton of random traffic flying around at a sustained 10 Mb/s.

    Being a Tor Exit point may give you "plausible deniability" and help you "hide in a crowd", but if your remote host IP becomes the subject of interest - all they have to do is "ask" the entity renting the host, and that exit IP is directly traceable to you.  If it comes from VPNx, then they have to "ask" VPNx, and if they don't have logs, then VPNx can say "no idea, we don't log".