Go Back  FlyerTalk Forums > Travel&Dining > Travel Technology
Reload this Page >

VPN - Explain to a dummy

VPN - Explain to a dummy

Old Jan 29, 11, 6:37 pm
  #31  
 
Join Date: Jan 2011
Posts: 8
PPTP vs. OpenVPN

A lot of VPN providers out there will give you an account for PPTP VPN, which is the VPN client built-in to Windows. The advantage is that you don't have to download anything, just enter the IP address, username and password into the VPN wizard on Windows, and connect.

The disadvantage is that you are getting, at best, 128-bit authentication, which is breakable if someone is eavesdropping on your connection.

More sophisticated users will use OpenVPN, which allows up to 2048-bit certificates to start your connection, and advanced encryption protocols for the actual tunnel. My server is running SSL/TLS authentication with a 1024-bit certificate, and Blowfish encryption while you're connected. There are some locations that do "deep packet inspection" where authorities can block encrypted packets, but using OpenVPN ensures that they'll never decrypt your packets.

OpenVPN services usually cost more than PPTP, though not in all cases. OpenVPN requires the download of an open-source client. Many free OpenVPN services will therefore bundle adware with the open-source client, though not all of them do this.

Another thing I didn't see mentioned here which is relevant is that some users report better speed over VPN. Some ISPs limit bandwidth on port 80 (i.e., web surfing) requests, though they may not cap port 1194, which is the OpenVPN port.

I'm not sure websites like Hulu can block VPN traffic, since to them, the traffic looks like it came from any other part of the internet. AFAIK, the encrypted tunnel of the VPN only traverses the internet space between the VPN client and the VPN server. Once the packets hit my VPN server, for example, they interface with a Squid proxy server, which I think then requests information from the internet. The web server on the other end, then, sees the user agent as my Squid proxy server with the IP address of my server, not the end client.

The thing web servers can detect and block is multiple requests from the same IP address. If Hulu gets 1,000 requests a second from 1,000 VPN users connecting from one IP address, they will assume it's a DDOS attack and block the IP address.

This is why a lot of users look for a dynamic IP address for their VPN ISP, but this means the VPN ISP is probably using a bunch of VPS-based servers, which means bandwidth won't be too good. A dedicated server will provide more bandwidth at less cost, but of course has a static IP address so therefore can be blocked.
hmmike is offline  
Old Jan 29, 11, 9:43 pm
  #32  
FlyerTalk Evangelist
 
Join Date: Jun 2005
Posts: 34,427
Another stab at explaining this to non-techies:

You want to have an address in New York. You go to a mailbox place and open up an account, they'll receive your mail, stick it in an envelope and forward it to you. Messages addressed to New York reach you.

Likewise, when you want to send a letter you stick it in another envelope and mail it to the mailbox place. They open it, take out the letter and toss it in the mailbox.

Note that in the corporate world a very common use is to have an address inside a corporate network so you can access resources only available with such an address.
Loren Pechtel is offline  
Old Jan 30, 11, 1:04 am
  #33  
FlyerTalk Evangelist
 
Join Date: Nov 2002
Location: PWM - the way life should be
Posts: 12,392
Originally Posted by hmmike View Post
I'm not sure websites like Hulu can block VPN traffic, since to them, the traffic looks like it came from any other part of the internet. A
I think it's more that Hulu knows what IP address blocks belong to a given VPN service provider, so they block any requests from thost IP's, even though those IP's are in the USA. It's a game of cat and mouse...I remember that, when I used Proxify, they had several domains and IP blocks all over the place. The idea was that, if one avenue was blocked you could try a few others.
gfunkdave is offline  
Old Jan 30, 11, 1:37 am
  #34  
uk1
Suspended
 
Join Date: Jan 2004
Location: UK
Posts: 11,969
Whatever the explanation ..... VPN's have changed our leisure travel and are very simple to set up if you use a decent provider. Normally two steps. Once you've set up an account ..... my one is around 7 for a month, and I take a month at a time ..... you download a small programme. Connect to the net via the broadband provider you are using whilst away ie the hotel system then click on the programme and then if you check with a "what is my IP address location" it will show as being the country you selected to "be in".

This means that whereas I use to record programmes and dump them to DVD or try and dump them from a Humax freeview recorder direct to PC .... I don't have to anymore and now use the various Iplayers whilst in Australia, Singapore, Europe etc.

Highly recommend this approach and it's very simple and very cheap.
uk1 is offline  
Old Jan 30, 11, 2:46 am
  #35  
 
Join Date: Oct 2009
Location: Constantly Positioning
Programs: SPG Plat, CX DM, DL Gold, HHonors Gold, AA Plat
Posts: 346
Aye, or if you want to use for browsing from internet cafes or public wifi networks I'd recommend a VPN set up on a VPS as well. The VPS gives you full control of the machine so it's not a shared VPN (just in case the VPN place isnt honest). VPS packages can start from $7 and up. I personally just purchased a package from sliceh*st which is a "cloud VPS server" for $20/mo. It gives me US based IP and I have networking setup to access when in airport lounges or coffee shops.

PS. asterisks in there because i'm not trying to advertise their services just offering example.
JackDaniels is offline  
Old Feb 2, 11, 2:29 pm
  #36  
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 92,110
Originally Posted by sonofzeus View Post
Google Voice too?
I have no problem using Google Voice outside of the US even when a VPN is not in use.
GUWonder is offline  
Old Feb 2, 11, 10:46 pm
  #37  
 
Join Date: Apr 1999
Location: Homosassa, FL & Wanaque, NJ -UA-G; SPG-Plat (Lifetime Gold)
Posts: 6,112
I got tired of not being able to access my office email from BKK and HKG. So I bit the bullet yesterday and installed witopia VPN, while sitting in my suite at the Sheraton Towers, HKG. I wish I had done it sooner.

For $69/yr I now have no problems and I swear it is faster.
Vulcan is offline  
Old Feb 4, 11, 10:29 am
  #38  
 
Join Date: Jul 2001
Location: DTW
Programs: Dirt Status w/ All
Posts: 4,994
I just enabeled VPN in my DD-WRT router and it was quite easy. First I set up a free account with dyndns.org since I have a dynamic IP address from my cable company. My home network is now assigned tev9999network.dyndns.tv. (example - don't bother trying to hack me there).

In DD-WRT, I entered my dyndns account info and password. Now the router will automatically update tev9999network.dyndns.tv to whatever IP my cable company assigns on a day to day basis, so I don't have to remember I was at 134.111.25.145 yesterday and hope it is the same.

You also enable PPTP under the services tab and assign the user names and passwords you need.

I also configured my home theater PC to "Wake on Lan", so I can connect to it remotely if I want to get a file off my hard drive. I can even get to it from my Android phone. I'm still figuring out how to control Windows Media Center remotely. I also have not yet tried watching my recorded TV content over VPN, but I don't think it will be a problem.

The other advantage of DD-WRT is that it made my flakey, constantly dropping, D-Link router rock solid after I got rid of their crappy firmware. DD-WRT is available for many routers now, so you may not even need to buy any hardware.
tev9999 is offline  
Old Feb 5, 11, 12:37 pm
  #39  
 
Join Date: Dec 2009
Programs: BA GGL, Hilton Diamond, Hertz PC
Posts: 1,314
Originally Posted by Vulcan View Post
So I bit the bullet yesterday and installed witopia VPN, while sitting in my suite at the Sheraton Towers, HKG. I wish I had done it sooner.

For $69/yr I now have no problems and I swear it is faster.
Agreed, ^ for Witopia. $69 a year and installed on all my PC's and iPhone. Excellent customer service and support, been very pleased.
stueys is offline  
Old Mar 20, 11, 9:33 pm
  #40  
 
Join Date: Nov 2000
Location: SF Bay Area, California
Programs: AA2MM LIFETIME PLT, Marriott Plat
Posts: 976
Stop paying fees to a VPN company. You can set it up yourself!

I set up a VPN on my home computer in about five minutes using the built in Windows software. I didn't have to download any extra software.

Paypal is famous for limiting your account if you try to pay for something while traveling internationally. Twice in the last three months, they have limited my account which requires me to call them and prove who I am. Had I just remembered to turn on my VPN, I could have avoided all of this.

I also use my VPN ANYTIME I am using a public wifi hotspot on my laptop or iPhone. It's too easy to get all my email passwords if I don't turn it on!
olafman is offline  
Old Mar 20, 11, 9:58 pm
  #41  
FlyerTalk Evangelist
 
Join Date: Jun 2005
Posts: 34,427
Originally Posted by olafman View Post
Stop paying fees to a VPN company. You can set it up yourself!

I set up a VPN on my home computer in about five minutes using the built in Windows software. I didn't have to download any extra software.
This means you have a computer at home turned on to act as the relay and you're limited by your uplink speed besides.
Loren Pechtel is offline  
Old Jan 6, 14, 2:05 am
  #42  
 
Join Date: Jan 2014
Posts: 1
can anyone tell me what is : VPN layer 3 ?
dardanr is offline  
Old Jan 6, 14, 8:53 am
  #43  
 
Join Date: Dec 2009
Location: RDU
Programs: DL DM(segs)/MM, Hilton DM, Marriott Ti (life Pt), TSA Opt-out Platinum
Posts: 2,758
Welcome to FT!

Layer 3 is the "network" layer.

Here's a wiki on the whole Open Systems Interconnection model:
http://en.wikipedia.org/wiki/OSI_model
HDQDD is offline  
Old Feb 8, 15, 5:25 pm
  #44  
 
Join Date: Jun 2005
Location: Tri-State Area
Posts: 4,733
I've been using witopia.net for more than 6 years now without any problems. When I travel and use hotel or other public wifi, turn it on. When trying to watch MLB games also successful in masking locations.

Recently I got a warning email from them for torrentz download of a tv show; didn't think anything of it. Yesterday got a temporarily suspension of services letter from them for another 'violation'.

Anyone have similar issues with their vpn provider?
dtsm is offline  
Old Feb 8, 15, 10:08 pm
  #45  
FlyerTalk Evangelist
 
Join Date: Jun 2005
Posts: 34,427
Originally Posted by dtsm View Post
I've been using witopia.net for more than 6 years now without any problems. When I travel and use hotel or other public wifi, turn it on. When trying to watch MLB games also successful in masking locations.

Recently I got a warning email from them for torrentz download of a tv show; didn't think anything of it. Yesterday got a temporarily suspension of services letter from them for another 'violation'.

Anyone have similar issues with their vpn provider?
Most VPN providers don't like torrents.
Loren Pechtel is offline  

Thread Tools
Search this Thread
Search Engine: