OpenVPN is an incredibly popular connection protocols among leading VPN services. However, there are still a rare few providers that, for whatever reason, don’t offer OpenVPN connections. Personally, I view the lack of OpenVPN service as a red flag, because almost every competent and quality provider uses it.
One of the reasons OpenVPN is so great is because it is incredibly flexible and versatile. Not only can you run it on just about every modern operating system, but it’s also compatible with a lot of different types of firmware. For instance, DD-WRT routers are capable of establishing OpenVPN tunnel. Today, we’re going to review the best VPNs for OpenVPN, but first we need to discuss the shortcomings and strengths of this incredibly popular security tool.
Disadvantages of OpenVPN
There aren’t too many drawbacks to using OpenVPN compared with other types of connections. However, you may have already heard that OpenVPN isn’t the ‘fastest’ connection option. While that’s technically true, I feel that it’s a bit of a misnomer. OpenVPN connections won’t thrash your Internet connection to the point that it becomes all but unusable. In fact, it’s quite the opposite. OpenVPN connections can be extremely fast, depending on the service you use, the speed of your ISP, and so on.
Nevertheless, OpenVPN does tack on a small amount of overhead to your Internet connection due to the encryption process. There are faster VPN protocols, such as PPTP. However, I wouldn’t recommend using PPTP since it offers weak security.
Advantages of OpenVPN
There are several attractive benefits of OpenVPN that far outweigh its disadvantages, though I’d personally claim that it’s largest advantage is rock-solid security. Though it does offer several different types of encryption using different key lengths, I’d advise you to stick with AES-256-bit encryption, because it’s incredibly strong and can’t be cracked.
You might hear a conspiracy theorist (who may be wearing a tinfoil hat) claim that secret governmental programs possess super computers capable of breaking AES-256. But there’s no evidence to backup of these claims, and it’s just skeptical speculation at best. The reality is that AES-256 is so immensely complex, strong, and long that it’s currently impossible to decode.
Furthermore, there’s security value in the fact that OpenVPN is open source. Because its open source, it’s possible for independent third party researchers to run audits on the code, ensuring there aren’t any hidden backdoors that would allow other organizations to read your data. I know that sounds crazy, but it’s actually a common occurrence with many digital services – especially those based in the United States. If you remember, Edward Snowden blew the whistle on the NSA’s wiretapping program called PRISM.
The PRISM scandal consisted of the NSA coercing domestic digital firms (such as Google, Microsoft, Yahoo!, and more) into inserting data-mining code into their products and services. Unfathomably large masses of citizens’ data ended up in a massive governmental database within the bowels of the NSA (likely Fort Meade). The problem is that these firms use closed source software, and protected their intellectual property with patents and closely guarded source code. Because it was closed source, we simply couldn’t understand how it worked on a technical level, and couldn’t see the hidden malicious wiretapping code injected into their software. But with OpenVPN, you can rest assured that your VPN tunnel is free of hidden backdoor modules.
But there are additional benefits other than strong security – the first of which is price. OpenVPN is free, and who doesn’t like free software? Not only can you download a free OpenVPN client, but you can even download the server software free of charge. That makes it possible to craft your very own home-brewed OpenVPN server to secure connections back to your home network (and it’s really not too difficult to setup, either).
Key Strength
To better illustrate the strength of OpenVPN’s AES-256-bit encryption, let’s consider how many combinations it would take to decode encrypted data. Consider that there are 2^256 key combinations, but only one of them would successfully unlock the data. That figure is so large, I doubt there’s a human being that has ever existed who could wrap their mind around it. The following is approximately 2^256 written in numerics:
116,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000
To attempt to put things in perspective, that’s supposedly more atoms than exist in the entire universe (though I’m certainly no astrophysicist). Cryptographers and mathematicians have claimed that even with the fastest modern computers, it would take billions of years to find the right key (literally longer than the universe is theorized to have existed!). With such a staggering number of possible permutations, it simply isn’t feasible to attempt a brute force attack.
And let’s assume that somehow someone was able to decrypt a key after trying for billions of years (which is virtually impossible). Guess what? They would have only decrypted the data that belonged to a single VPN tunnel using a single key. The entire process would have to be repeated to decrypt data from another tunnel that used a different key.
All in all, OpenVPN is a fantastic piece of free software that offers extremely strong encryption. What’s not to love? With that understanding, let’s go ahead and take a closer look at the best VPNs for OpenVPN.
AirVPN – Complete Review
AirVPN offers some in-depth features specifically for OpenVPN that allow users to customize their OpenVPN tunnels more than most other providers. With some other providers, it can be tricky setting OpenVPN to use a different port; sometimes, it involves a lengthy engagement with customer support (though most are happy to help). AirVPN, which is based out of Italy, offers OpenVPN tunnels on ports 80 (HTTP), 443 (HTTPS), and 53 (DNS) by default. Doing so will make your OpenVPN tunnel look like standard web page traffic or DNS traffic to your ISP and any other eavesdroppers.
Furthermore, AirVPN supports OpenVPN tunnels over SSH, SSL, and Tor for extra layers of anonymity and security. They’re reasonably priced, too, and offer rates as low as €4.50 per month with a 1-year plan. I wish they allowed more simultaneous connections, but the 3 they permit per account should accommodate the majority of users. And in addition to permitting P2P and DDNS traffic on their network, they even have a double-hop routing mechanism to further obfuscate the source of your traffic.
ExpressVPN – Complete Review
Despite the encryption overhead associated with OpenVPN, ExpressVPN is known for fast and reliable servers with fair global coverage, and they also provide L2TP/IPSec, SSTP, and PPTP connections. They claim that they’re the ‘fastest VPN tunnel,’ but I think doing so is analogous to a local diner claiming that they have the ‘best pie and coffee.’ Nevertheless, they operate servers in 100 locations spread out across 87 countries.
And though they’re not the cheapest provider, they are pretty reasonable. You can get their service for as little as $8.32 a month, and they even have a 30-day money back guarantee. They are a little more expensive per month than most other providers, but they have an extremely reliable service and a software client that’s easy to use. Plus, they have the added advantage of being based out of the British Virgin Islands, so you don’t have to fear the US government or NSA tapping into data records.
NordVPN – Complete Review
NordVPN is a bit of an oddity in the VPN service industry, because they are the only provider I’ve seen that currently offers as many as 6 simultaneous connections. Naturally, they do provide OpenVPN connections, in addition to PPTP, SSTP, and L2TP/IPSec. They are also significantly cheaper than ExpressVPN. In fact, you can get their service for as little as $5.75 per month with an annual subscription. But even though they’re cheaper, they provide a lot of extra security features that most of the competition lacks.
For instance, they have a double data encryption feature to ensure that your data is virtually impossible to decrypt without the proper key. NordVPN even has a feature to use Tor in combination with their VPN tunnel for an extra layer of anonymity, too. Plus, they even have a DNS leak resolver as well as an automatic VPN kill-switch to halt data transmissions in the event of a tunnel drop. Furthermore, they include web proxy extensions and an encrypted chat solution. Last but not least, note that NordVPN does allow Bit Torrent and P2P traffic through their network.
VPN Area
VPNArea is another reasonable alternative for OpenVPN connections, and to date they operate servers in 54 countries. They too allow up to 6 simultaneous connections, and cost as little as $4.92 per month with an annual subscription. Assuming you secure 6 devices, that’s only $0.82 cents per device per month. I wish they had a free trial, but instead they have a 7-day money back guarantee.
They seemed to have followed suit with the competition, and have built a server load monitor into their client so you can intentionally select servers that aren’t overburdened. And they have decent ancillary features with their software, too. In addition to providing DNS leak protection, they also include a kill-switch feature.
Final Thoughts
I think AirVPN has some of the best OpenVPN features of any of these providers, simply because their so flexible with the configuration of tunneling and port options. However, I did want to make a final recommendation, especially to users in China. One provider I refrained from mentioning is AstrillVPN. They’re pretty interesting because they modified the source code of OpenVPN into a custom client, and offer some advanced tools to circumvent the Great Firewall of China.
They might be the best alternative depending on where you’re located. Regardless, note that almost every VPN provider is going to have OpenVPN connections, but not all of them are good. The aforementioned services are better than the average VPN service, and some of them have some unique implementations of OpenVPN. Last but not least, just remember to not put faith or trust in PPTP to secure your data, since it suffers from known vulnerabilities that allow people to break its encryption. Instead, use OpenVPN as your standard connection protocol.