Third party vs self-hosted VPN

Recently I have been travelling quite a bit. Without much surprise, it seems the internet is not as good as you expect: either the mobile data is too expensive or has too weak a signal for everyday usage, or the broadband internet available from local ISPs is not the most reliable: the same public IP is shared by many people that you can’t control. I was finding more and more sites where I needed to solve captchas. This is quite annoying, to say the least.

Though I have extensively used an office VPN to work remotely, I have not yet been into 3rd party VPN services. There are debates about whether these VPN services actually add any protection to the data or how it can be verified that they themselves don’t log user activity and sell it for profit. But at least these services would help to get rid of those annoyances.

Experience with 3rd party VPN

I googled for some options for an affordable and reputable 3rd party VPN provider. Names like NordVPN, ExpressVPN and Surfshark came up frequently. Comparing the offerings, Surfshark seemed to be the cheapest: a measly $2.49 USD/month if you sign up for two years. So that’s the one I decided to try.

Here are my experiences with them.

Strike 1: The subscription process was easy. You can pay with different options; I chose PayPal. At no point, though, did it ask me to create an account. After the payment was successful, I received an email saying that I could log in with the username and password… a password that I had never created? Talk about good UI design! I had to use “forgot my password” to set my password.

Strike 2: Next I needed to log in to download the app for my device. But it gave an error that too many attempts had been made, even though I had tried only once. Googling the error, I found that Surfshark may block some IP addresses for 10 minutes, and suggests that the user should try again after 10 minutes. No problem, except the issue persisted even after waiting for 30 minutes. When I clicked on the live chat option to get help, nothing popped up. Talk about responsive UI design!

Strike 3: So I found their support email and asked for help. I got a reply asking a bunch of questions like how many devices, operating systems, locations etc. After going back and forth a few times, the rep said he could whitelist my public IP. Great, finally I should be able to download the installer and start using my awesome VPN. Sadly, no. After installation the app could not actually connect to the Surfshark servers. I am not sure how the IP was whitelisted, but it seems that while I can log in to their website, the app itself still cannot connect to the servers. I get an error like the picture below:

I got back to the rep and after several more rounds of back and forth, he still could not find a way to make the connection work. I even tried setting it up manually following their documentation, which seemed to be able to connect to the server, but I got an error that my Surfshark subscription had expired. But did I not just buy it today?

In the meantime, I tried a trial version of another free VPN, and that worked. So apparently using a VPN is not blocked by the network. By this time, I had already spent 3 hours waiting to be connected and, based on the experience, I was not looking forward to doing this for the next two years. I decided to request a refund, which thankfully Surfshark offers as a policy under its 30-day money-back guarantee.

I can understand that maybe Surfshark is using Cloudflare to prevent DoS, which is blocking IPs from certain countries, but isn’t that why we need a VPN? To be able to connect securely from everywhere? If we were in a perfectly good network, why would we need a 3rd party VPN?

Self-hosted VPN

There is a saying that goes something like: if you want to get things right, do it yourself. I knew about OpenVPN and that they allow free use for two devices without needing a license, so I wanted to set up a VPN of my own. I already have an EC2 instance at AWS running Ubuntu, so I thought why not re-use it for this purpose? I had added an AWS Savings Plan for the EC2 instance that allows savings up to 72% if you are ready to commit for one or three years, so the cost of the VM is pretty reasonable.

I googled for tutorials on how to set up OpenVPN servers and found some awesome ones like this and this. I decided to follow one that is fairly straightforward. Basically, we have 3 steps:

1. In the security group of your AWS EC2 instance, add an inbound rule to open a UDP port (default is 1194) to be used by OpenVPN. You can open it for your public IP only, but for testing we can open it for all.

2. Use the openvpn-install script written by the GitHub user Nyr, which takes care of all the complexities of installing and setting up the OpenVPN server. Run it inside your EC2 instance. You will be prompted with some questions and once it finishes (which may take a little time), you will find a .vpn file in your /root/ folder. The file is for the client device from which you want to connect to the VPN, so copy this file to that device.

$ wget https://git.io/vpn -O openvpn-install.sh
# run it with bash as root; sourcing it would let the script's exit calls close your shell
$ sudo bash openvpn-install.sh

3. Now you can install the OpenVPN client on your target device (another computer with Ubuntu for me) and use the downloaded file to create a connection to your server.

$ sudo apt-get install openvpn
$ sudo openvpn <your_vpn_file.vpn>

That’s it. Now you are connected to your own self-hosted OpenVPN. You can check your IP on Google to confirm that you are indeed on the elastic IP of your AWS instance, not the one from your ISP. No more captchas, I have now proven that I am a human!
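Step 1 opens the OpenVPN port to all addresses for testing. As an added example (not part of the original post or of Nyr's script), this script plans the tighter rule set afterwards: admit one client address as a /32 and remove the open-to-all rule. The security group ID, the script name and the use of checkip.amazonaws.com for the address lookup are assumptions; it prints AWS CLI commands for review rather than running them.

```shell
#!/bin/sh
# Added example: plan security-group rules that expose OpenVPN's UDP port
# to a single client address only. Prints AWS CLI commands for review.
VPN_PORT=1194   # OpenVPN default UDP port, as in step 1

# Succeed only for a well-formed dotted-quad IPv4 address.
is_ipv4() {
  case $1 in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1            # split on dots; input is digits and dots only here
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

# Print the call that admits one client address (/32) on the VPN port.
# $1 = security group ID (placeholder), $2 = client IPv4 address.
ingress_command() {
  is_ipv4 "$2" || { echo "not an IPv4 address: $2" >&2; return 1; }
  echo "aws ec2 authorize-security-group-ingress --group-id $1" \
       "--protocol udp --port $VPN_PORT --cidr $2/32"
}

# Print the call that removes the open-to-all rule used while testing.
revoke_world_command() {
  echo "aws ec2 revoke-security-group-ingress --group-id $1" \
       "--protocol udp --port $VPN_PORT --cidr 0.0.0.0/0"
}

# Usage (hypothetical file name):
#   sh plan-vpn-ingress.sh --plan <security-group-id> [client-ip]
# Without client-ip, the caller's public address is looked up.
if [ "${1:-}" = "--plan" ]; then
  ip=${3:-$(curl -fsS https://checkip.amazonaws.com)}
  ingress_command "$2" "$ip" && revoke_world_command "$2"
fi
```

Run the lookup from the client network, not from the EC2 instance, and re-run it when the ISP hands out a new address, since the /32 rule will otherwise lock the client out.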

You should note that, while all inbound data from the internet into an AWS EC2 instance is free, data out of the EC2 instance to the internet is only free for the first GB/month. Any additional data transfer is $0.09 USD/GB for the next 9.99 TB/month. So I guess this setup is not completely free, but you could use up to 27 GB of data/month before the cost becomes comparable to the lowest available 3rd party VPN.

And you get the peace of mind that no one is logging and selling your activity 🙂
