And the air is fresher too...LOL

Does this affect personal VPNs as well?
 

I don't use a VPN service. Instead, my router is configured to support VPN and I connect directly (I've never been comfortable with 3rd party services). Will I have problems connecting to my home system? This can be problematic, because I routinely use my VPN to access my files remotely.

I have a friend that does the same thing, connecting to his home system using a personal VPN without problems.

If you can do this also it might be better than a 3rd party service because 1) it's free and 2) I suppose it's more likely to be under the radar of the GFW since it's not public.

However the news article posted by the OP seems to say that the GFW has learned to detect VPN connections (versus I suppose censors manually blocking the IP of the access points), so I can't say how well this will work in the future.

Also if your home VPN system goes down you'll need someone back there to restart it.

This is easily fixed if you use a cheap virtual hosting service in the US or wherever. Costs can be as little as $3/month.

As to your private VPN being disrupted by the GFW, just pick a technology that's used by most corporate VPNs, i.e., IPsec. That way you're bound to be safe as they won't be so stupid as to disrupt corporate traffic (and if they did I suspect things will be so desperate that it'd be time to get out of the country).

The GFW seems to have learned to recognise OpenVPN traffic (likely based on headers) sometime in the past few weeks. You can test this yourself by setting up an OpenVPN server of your own; you'll be able to connect at first, but within a few hours, no new connections will go through until you switch the server's IP. A lot of the commercial VPN providers have been using OpenVPN, as it offers a nice combination of security, speed, and ease of administration. They can get away with killing OpenVPN off because nobody important uses it.

PPTP isn't being automatically blocked by our beloved Net Nannies at present, but there are blacklists of known providers, and it's not as secure as other options.

L2TP/IPsec is the best choice. It's the biggest pain to set up and configure, particularly for the server admins. The Net Nannies won't dare implement a blanket ban on IPsec VPNs, as these are what's used by almost all major corporations. Unfortunately, most commercial VPN providers don't offer IPsec...a handful of the most expensive providers do (PM if you want some names that are tested working here in SH), but using your company's is the best bet.

This depends on the ISP. I tried connecting to an IPsec VPN with Unicom and it doesn't work, but it works fine on Telecom.

Every instance of IPsec blocking I've seen so far is a DNS poisoning issue or block of a known IP address rather than the protocol itself. There are easy workarounds for this (use alternate DNS or a different IP to connect), as opposed to the new OpenVPN auto-detection issue. Telecom and Unicom use different DNS blacklists, so that likely explains what was happening.

This may soon become a moot point, though, as if recent editorials in state are indication of the thoughts on such matters, all signs seem to point to things getting worse, despite any potential backlash from business owners both domestic and foreign...

http://news.ifeng.com/mainland/speci...359378_0.shtml (Chinese)

http://www.scmp.com/news/china/artic...ares-crackdown

haha,that's funny