What's new

Country restriction avoidance router VPN advice

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

giopas

Regular Contributor
Hi all,

I am looking for a easy to setup (and cheap) VPN to overcome some ip related restrictions.

What I am looking for is something with the following characteristics (besides the rest):

1. It can be easily be set on an off on our router (RT-AC87U in my case),
2. you can easily change IP country from the router GUI interface or in an easy way,
3. you can restrict the VPN to a given ip (e.g. my NAS) and/or to a given application (e.g. Google Chrome) and/or a given domain.

What do you use, what do you suggest?

Thank you!

giopas

ps: I am currently using Hola.org on Chrome, but I am not sure it is a good idea
 
Last edited:
What do you use, what do you suggest?
ps: I am currently using Hola.org on Chrome, but I am not sure it is a good idea
Hi,

You are asking for help to do something that is illegal in most of the countries. You better watch out and understand why we are not willing to support you, as we want to stay in the legal boundaries of our countries... :eek:

With kind regards
Joe :cool:
 
Thanks for your answer joegreat. Let's rephrase it (I have amended my first post).

What VPN, highly integrated with our router, do you suggest?

I have found Astrill, but I am interested to know if there are others which are as good, or even better.
 
Last edited:
Thanks for your answer joegreat. Let's rephrase it (and I amended my first post).

What VPN, highly integrated with our router, do you suggest?

I have found Astrill, but I am interested to know if there are others which are as good, or even better.

Any that uses OpenVPN would be usable from the router, however Astrill is the only one that provides a router applet to allow more advanced configuration specific to their service. Also, you can only restrict by IP, you cannot restrict by domain or by port.
 
Also, you can only restrict by IP, you cannot restrict by domain or by port.

Thanks RMerlin,

I have found that site specific is possible (here). This is great as all devices behind the router which want to access mydomain.com will automatically go through the VPN, right?

As far as I understand I just need to add each single domain ip to the list, but a simple "dig mydomain.com a" will be enough, right? Otherwise there is also Astril Site Catcher.

Astrill is the only one that provides a router applet to allow more advanced configuration specific to their service

This is indeed a very nice feature, as it gives immediately access (even from remote!) to VPN settings! It is strange that nobody else has done it yet!

Otherwise, what other VPN provider do you suggest?
 
Last edited:
I suggest AirVPN. Their configuration generator makes it easy to create and download the ovpn config file for the server you want. After that it's as simple as uploading the ovpn file to the router, saving, and turning the openvpn client on.
 
I suggest AirVPN. Their configuration generator makes it easy to create and download the ovpn config file for the server you want. After that it's as simple as uploading the ovpn file to the router, saving, and turning the openvpn client on.
Thanks cosmoxl, what about site profiling?

Moreoverr, I read:
  • 4 Mbit/s download + 4 Mbit/s upload, minimum allocated granted bandwidth.
Would it be fine for watching HD streaming videos?
 
wrong, that's guaranteed bandwidth. they are the only VPN provider I know of that guarantees any bandwidth. you're not restricted at all except by your ISP and the route to the VPN server.

what do you mean by site profiling?
 
While you can do what you want to do with most VPN providers using Merlin's firmware the simplest method for someone that doesn't want to get bogged down creating iptables is to use the Astrill app running under Merlin's firmware.

Astrill also will allow you to run a VPN on most of your portable devices. Useful when away from home to protect yourself when connected to sketchy WiFi hotspots.
 
with merlin firmware you can do that with any VPN. he has policy routing built in.
As intuitive as Astril's applet? Btw, RMerlin, you could steal their idea and put it in your firmware :)

CaptainSTX, so you suggest using Astrill? Have you tried it?
 
I have found that site specific is possible (here). This is great as all devices behind the router which want to access mydomain.com will automatically go through the VPN, right?

Right. Note that such policy-based routing is also part of Asuswrt-Merlin, and will work with any OpenVPN provider. The only restriction is that it must be an IP (or a range of IPs), it cannot be port-specific.

This is indeed a very nice feature, as it gives immediately access (even from remote!) to VPN settings! It is strange that nobody else has done it yet!

It requires having a skilled developer to develop, and also to maintain it. Not always that easy as sometimes firmwares can change in unexpected ways, completely breaking your plugin you are hacking in (as there is no standard API to implement user add-ons on the vast majority of router firmwares).
 
Hi,

You are asking for help to do something that is illegal in most of the countries. You better watch out and understand why we are not willing to support you, as we want to stay in the legal boundaries of our countries... :eek:

With kind regards
Joe :cool:

Bypass geo-lock in most cases is not illegal. I'm aware a few cases actually are.

For example, watching BBC live broadcast on iplayer outside UK is. But then watching BBC live broadcast on iplayer within UK but without a TV license is illegal too.
 
Thanks RMerlin, but is there a GUI for use the VPN only for certain domains?

No. The webui only lets you enter IPs or whole subnets, not whole domains. You will have to figure out if the domain you want to route has a single IP or a single subnet which you could use for the destination.
 
No. The webui only lets you enter IPs or whole subnets, not whole domains. You will have to figure out if the domain you want to route has a single IP or a single subnet which you could use for the destination.
I should use "dig mydomain.com a" and add all IPs to do so, right?
 
Hi giopas
Using dnsmasq with IPSET is a good choice, so that you could bypass geo-lock depend on the domain.
And then you could control the packet using iptables, let it go through VPN or others.

I am using dnsmasq with ipset and iptables redirect and shadowsocks-libev(a transparent proxy) to bypass
the firewall.
 
Having used and evaluated several VPN providers (Strong, Astrill, HMA ) I have found that currently Astrill is my first choice.
1. Highest and most consistent throughput. With my router and a VPN accelerator I usually get 75Mbps download speeds. In evaluating VPN services if often seemed that many providers don't have the bandwidth to support higher speed connections.

2. Astrill offers a very full featured set of apps which can run on either routers or mobile devices.

3. The ability to easily and quickly reconfigure my VPN connection to use servers through out the world without having to log into a web site and download a new configuration file.

4. Very good technical support.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top