Broad VPN Query

Harrisonm65

Harrisonm65

Dabbler
Joined
Apr 29, 2020
Messages
42
Very broad question Im afraid, but Im in the middle of building a little FreeNAS machine and also looking at VPNs for the house. I wanted to check please if there are any recommended VPN providers, or even ones to definitely avoid.

Im not overly concerned with general browsing on any device at home, but would prefer to hide the details of any up and downloads from the FreeNAS device if possible. Can it be done from with FreeNAS itself using a plug in or similar, or would you recommend using a 3rd party VPN product like ExpressVPN
 
Last edited by a moderator:
Ericloewe

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
Hide from whom? ISP at home? WiFi hotspot operator while traveling? Chinese government? Whoever runs the servers you're downloading stuff from/uploading stuff to?
 
Harrisonm65

Harrisonm65

Dabbler
Joined
Apr 29, 2020
Messages
42
Ericloewe said:
Hide from whom? ISP at home? WiFi hotspot operator while traveling? Chinese government? Whoever runs the servers you're downloading stuff from/uploading stuff to?
Click to expand...
All of the above? Maybe....! Deffo from my home ISP as they tend to block quite a few sites and thats just mean.
 
Ericloewe

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
Well, all of them have different requirements, so it's important to identify the problem first.

If you want to circumvent ISP meddling, you'll need to connect to someone else who can then route your traffic to wherever it's going. Generally, that would mean some sort of commercial VPN provider.
 
Harrisonm65

Harrisonm65

Dabbler
Joined
Apr 29, 2020
Messages
42
Ericloewe said:
Well, all of them have different requirements, so it's important to identify the problem first.

If you want to circumvent ISP meddling, you'll need to connect to someone else who can then route your traffic to wherever it's going. Generally, that would mean some sort of commercial VPN provider.
Click to expand...

Fair enough. If we say we're going down that road then, how compatible is FreeNAS with a commercial VPN company like NordVPN or similar? Any to avoid or recommend even?
 
Ericloewe

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
For FreeNAS itself, it shouldn't be too difficult. But if you want to use your server as the gateway for multiple clients, you'll need to configure your network accordingly, which may not be trivial.

As for recommendations, I tend not to trust any of them. My ideal recommendation (which is a polite way of saying "disjoint from reality") is to run a VM somewhere (Digital Ocean, AWS, Azure, whatever...) and set it up as the server for your VPN. I don't know how pricing compares, but it's hard to compete with the bottom of the barrel offerings YouTube is so full of.
 
danb35

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,504
Ericloewe said:
My ideal recommendation (which is a polite way of saying "disjoint from reality") is to run a VM somewhere (Digital Ocean, AWS, Azure, whatever...) and set it up as the server for your VPN.
Click to expand...
See also:
github.com

GitHub - StreisandEffect/streisand: Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the e

Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these s...
github.com github.com

GCE, IIRC, includes a free "micro" instance perpetually.

Edit: I thought I'd posted about it before:

Streisand - set up your own free* VPN server in the cloud

Maybe it's well-known, having been around for a couple of years already, but I just learned of it recently, and it sounds like it has potential to be pretty handy. Streisand is a set of scripts that will build a VPN server for you (by default it supports L2TP/IPsec, OpenVPN, Wireguard...
www.ixsystems.com www.ixsystems.com
 
Heracles

Heracles

Wizard
Joined
Feb 2, 2018
Messages
1,401
Harrisonm65 said:
but would prefer to hide the details of any up and downloads from the FreeNAS device if possible.
Click to expand...

Hey Harrison,

Know that by definition, there will ALWAYS be someone capable of tracing you and your activity. Your only choice is who will that be. Again, you can not make yourself un traceable.

Considering how few people use Tor, just using something like that distinguishes you down to a very precise level. Also, these Tor routers cost a fortune and require high bandwidth. Who you think are the powerful institutions that are able to operate them ?

Other than that, something like a browser's signature is a second very strong signature that will always survive (which browser, which version, on which platform, equipped with which module and extension, which language and more). Think about it in binary : for every question that has 4 options, that is 2 bits. Should you have 10 of these, the precision is 20 bits, so 1 in a million.

You will always need DNS. Either you host your own and your ISP will see all your recursive queries, or you use someone else's DNS service and that one will have it all on a silver plate.

Just by asking that question, you basically confessed that you are downloading illegal copies of copyright content. Either you just don't do it or you assume your responsibility.
 
Heracles

Heracles

Wizard
Joined
Feb 2, 2018
Messages
1,401
Ericloewe said:
My ideal recommendation (which is a polite way of saying "disjoint from reality") is to run a VM somewhere (Digital Ocean, AWS, Azure, whatever...)
Click to expand...

And so these cloud providers end up the ones being able to trace you. Considering they are all about to make money, they are surely interested of defining your identity and re-sell it.

danb35 said:
GCE, IIRC, includes a free "micro" instance perpetually.

Edit: I thought I'd posted about it before:
Click to expand...

So that organisation is the one you allow to trace your activity.

At the end, there will ALWAYS be an entity that will be able to trace you. All you can do is to choose who will that be.
 
Heracles

Heracles

Wizard
Joined
Feb 2, 2018
Messages
1,401
As for me, I chose that Cloudflare would be able to trace my DNS activity and my ISP will be able to trace my network activity.

Cloudflare has business cases for making there money out of something else then your identity. Yes they can trace it, but I think they are more credible in their statement saying that they dont because they have an actual business case. What they are looking for is a frontline position to face as many attacks and ennemies as possible to learn about them, their attacks, techniques and more. As for WASP, their VPN, they need to amortize the cost of their own backbone, so that is why they developed their VPN and rent a part of their infrastructure.

But sure, once you use them, they can trace you.

There will always be someone able to trace you. Who will you trust for that capability ? Up to you to choose but the only way of ending with no one being able to trace you is not to use the Internet.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Broad VPN Query"

Similar threads

STREBLO
  • Locked
Link two jails out through VPN
Replies
2
Views
2K
STREBLO
STREBLO
E
  • Locked
DIY & Freenas VS ready solution for 2bays nas for home usage
Replies
5
Views
4K
paleoN
paleoN
itskando
Plex and Transmission Security
Replies
3
Views
3K
drinking12many
D
H
  • Locked
Is FreeNAS right for me?
Replies
4
Views
2K
gpsguy
gpsguy
R
Hey FreeNAS forums! Fill my holes... of knowledge!
Replies
3
Views
2K
Bozon
Bozon
Top