VPN services have become the favorite solution to unblock websites and defeat restrictions around the world. The problem is that in some locations, the use of VPNs is not allowed and governments and network administrators are taking steps to prevent people from bypassing blocks on this technology. The good news is that there are ways to avoid VPN blocks so that you can keep your privacy and security protected, and get around censorship and blocks effectively.
Why are VPNs blocked?
There companies like Netflix that have implemented these blocks to ensure that its subscribers don’t bypass the geographical restrictions implemented. These restrictions are in place due to licensing issues. Netflix has agreements with the studios that produce the content available on this platform.
Some of these agreements indicate that the content can only be offered in certain locations. This is why Netflix US subscribers get different content than those in Germany. Usually, Netflix US offers more and better options than the versions of the app in other countries, this is why many people use VPNs to access more content. However, Netflix and other companies that impose geographical restrictions, such as Hulu, have taken steps to prevent the use of VPNs.
You will also come across VPN blocks in China and other countries where the internet is subject to heavy censorship. Since VPNs allow people to access websites, services and other content that is banned for political, religious and other reasons, the governments in these countries want to block VPNs. In some networks, the use of VPNs may also be blocked, stopping you from getting around the restrictions that the network has in place.
What you need to keep in mind
In this guide, we’ll let you know what you can do to bypass VPN blocks. However, it is important to consider that bypassing these blocks comes with some risks. It is up to you to decide if you want to circumvent the blocks imposed by a network, a government or a company. Online freedom is very important, which is why the popularity of VPNs has increased substantially over the last few years. Just make sure that before you follow the steps that will allow you to bypass the restrictions, you understand the possible implications.
In general, using VPNs is not illegal, but there are specific cases in which you may face penalties. In the United Arab Emirates, the use of a VPN service is against the law and could result in fines and even prison. In the case of school or work networks, it is important to consider the internal guidelines. If they have implemented blocks and you are caught trying to bypass them, you may be suspended or fired. Using VPNs may be against the terms of service of some websites or apps, so make sure that you read those as well. Once you decide that you want to get around the blocks, you can follow the below guide.
What are the VPN blocking tactics commonly used
IP blocking – This is a widely used method to prevent the use of a VPN. It involves finding out the VPN server’s IP addresses and blocking them. Since there is a high number of VPN services available, the blocking tends to focus on the most popular providers. The VPN providers that are not so popular, are less likely to be targeted and may be able to bypass blocks easier since their IPs haven’t been blacklisted. That being said, many major VPNs have the resources to offer new servers to overcome the blocks. You can find out if an IP has been blacklisted by going to whoer.net.
Port Blocking – This is another method to prevent the use of VPN services. It uses a firewall to block the ports that are generally used by VPN protocols. These include 1723 (TCP), 1194 (UDP), 500 (UDP) and 1701 (UDP).
Deep Packet Inspection – Widely known as DPI, this is a technique that checks part of a data packet (usually the header) at an inspection point to establish if the data has been encapsulated by a VPN. It is a method used by governments and it targets VPN protocols like OpenVPN and PPTP.
Websites that block VPNs
Streaming websites like Hulu, Netflix and BBC iPlayer are known for implementing blocks to prevent people from bypassing geographical restrictions using a VPN. Using geo-blocks allows them to comply with agreements with copyright holders, who increase their profits by separating the global market. Pay-per-day wireless services in hotels and flights are also likely to block VPNs so that you pay for movies, instead of streaming them for free.
Solutions
We will go through basic solutions, suitable for users who are just starting using VPNs or with basic technical skills, as well as advanced solutions for those who are more experienced.
Basic Bypass
Mobile Phone – The easiest way to bypass a VPN block is to browse the internet using your mobile device’s data or to open a mobile hotspot to access sites that are blocked in your network. While this can be an expensive option, depending on your provider’s rates, it is a simple and effective way to get around the issue.
Polyserver – Instead of using only one VPN provider or server, you can try using multiple ones, switching to a lower profile VPN or changing to a different server IP that is run by the same provider. You can check with your provider how often they recycle IP address to make them more difficult to block.
Tor – Tor browser is another option to protect your privacy and bypass restrictions. When you connect to it, your data is encrypted and then it is randomly sent through a global network of relays to hide your identity and online traffic from third parties. You will be protected from surveillance and eavesdropping. Tor can be used to get around IP blocks and obfsproxy that can be used to hide Tor traffic from Deep Packet Inspection.
DIY solution – Another option is to run your own VPN server and connect to it from your location. You will get a unique IP address that will allow you to avoid the IP general blacklist. You can follow the below steps:
- Click the Start button, in the search bar, enter the VPN and select “Set up a virtual private network (VPN) connection”.
- Enter the IP address or domain name of the server you want to connect to.
- If you prefer to set up the connection, without connecting, select “Don’t connect now”. If not, leave it blank and then click Next.
- On the following screen, you will be able to enter your username and password. Alternatively, you can leave it blank. You will be asked to enter it again on the actual connection.
- Click on the Windows network logo that is located on the lower-light part of the screen and select “Connect” under VPN connection.
- Enter the relevant domain in the “Connect VPN Connection” and your log-on credentials. Then click Connect.
Shadowsocks – This open-source proxy application is popular in China as a solution to get around online censorship. It is mainly a SOCKS proxy that works for the majority of platforms that are commonly used.
Psiphon – This is an open-source tool that combines secure communication and obfuscation technologies such as VPN, SSH and HTTP Proxy so that you can bypass censorship effectively. If you come across a block when you are using a VPN, Psiphon allows you to switch to SSH or obsfuscated SSH (SSH+). If you are unable to access Psiphon’s website to download the software, you can send an email to get@psiphone3.com.
Lahana – With Lahana, you can create a VPN server fast, giving you the chance to access the Internet and Tor. It doesn’t give you an additional layer of protection for your privacy, but when used with Tor, you can browser almost anonymously. It is possible to run a Lahana node from $20 per month.
Advanced Solution
It is possible to disguise your VPN traffic to make it appear as regular web browser traffic, which prevents networks from blocking the VPN. The below methods will allow you to use a VPN without experiencing blocks and they work on pretty much any network.
TCP Port 443 – Whenever you access a website with sensitive account data like your online financial services, you are using TCP Prt 443, which is the standard Internet Encryption protocol. Given that the best VPN services are using the SSL encryption library already, you can switch the port number to 443 to easily bypass almost all DPI firewalls. In order to set it up, you can contact your VPN provider. The below steps will allow you to change the port number:
Find the right configuration file. It has the .ovpn extension and it is found on Windows In Windows XP/Vista: C:\Programs\OpenVPN\config
Windows XP/Vista 64-bit: C:\Program Files (x86)\OpenVPN\config
Windows XP/Vista 64-Bit:
Mac: Library/openvpn (Home folder of the respective user)
Open the configuration file using WordPad or TextEdit. On Vista you need to start the editor using the “Run as Administrator” option.
Delete any line that contains “proto udp”. Add a “#” at the start of the line “remote vpn1.hideway.eu”.
Add a line or remove the “#”:“remote vpn2.hideway.eu 443 tcp”
Save the file
Stealth VPN/ Obfuscation – Since most VPN protocols have a data packer header, they can still be blocked, even if you are using port 443. A firewall can identify the VPN traffic.
VPN service provider know that some networks block VPN traffic and they are looking for options to get around the blocks. Stealth VPN technology masks your VPN traffic to prevent networks from identifying it as VPN traffic. It can disguise it as regular TLS encrypted web traffic. With a VPN service with obfuscation or “stealth” technology, a VPN connection can rewrite or disguise the packet headers to avoid recognition.
SSL Tunneling – This is when an internal client application requests a web object using HTTPS on port 8080 through the proxy server. For instance, when you are accessing an online shopping website. The online connection to to online shopping site is routed to you through a proxy server. The client establishes communication with the target server directly after the original connection has been established by a proxy server in an effort to communicate within the SSL tunnel that has been established after SSL negotiation. Usually, SSL tunnels are created using the Stunnel software, which has to be configured on the VPN server and on your computer. OpenVPN traffic is covered with extra layer of TLS/SSL encryption, which DPI can’t access, which prevents it from detecting the OpenVPN encryption. To get SSL tunneling, you need to reach out your VPN provider.
SSH Tunneling – An SSH tunnel involves an encrypted tunnel established through an SSH (Secure Shell) protocol. This is like an SSL tunnel, but the VPN data is wrapped inside an SSH encryption. SSH is generally used by companies in order to access shell account on UNIX systems and it doesn’t have the level of popularity that SSL enjoys. You will also need to get in touch with your VPN provider to activate it.
SSL and SSH tunneling offer more security than obsproxy, but obsproxy is easier to set up and configure. It also uses less bandwidth since it doesn’t have the extra layer of encryption that SSL and SSH tunneling offer.
Conclusion
Now that you know the methods that will allow you to defeat VPN blocks, you can select the one that better suits your needs. Just make sure that you use them responsibly and that you keep in mind that possible risks. Online freedom is under attack and a VPN is an efficient solution to defend it. With a VPN, you can also protect your privacy and enjoy security, even when you are using a public WiFi hotspot.