Traveling for the holidays? Use our free VPN!

Advanced feature discussion, beta programs and unsupported "Labs" features.
53 posts Page 5 of 6
by ankh » Thu Nov 03, 2016 12:57 pm
Thanks for the pointer to setting up Tunnelblk.

Of the various options on that page, can you specify which specific choices to use with Sonic?

For example, I ignored the "Nameserver" -- I think I guessed right and the "situation for most users" doesn't fit Sonic:

The "Set Nameserver" Check Box and DNS & WINS Settings

If you are using DHCP, wish to use DNS and WINS servers at the far end of the tunnel when connected, and the VPN server you are connecting to "pushes" DNS and WINS settings to your client, select "Set nameserver". (This is the situation for most users.)
---------------------

Note that I'm home using a Mac, while my wife is traveling using an iPhone (and the iPhone was set up yesterday). So we are both using the same "ankh" user login, from different hardware in different places for a week -- that's ok, right? I won't screw up her use of the VPN from the iPhone by installing Tunnelblk on the home Mac and using it?


If I need to set up different configuration files for the 2 different users somehow, I'll wait to mess with that til next week.
by drew.phillips » Thu Nov 03, 2016 1:06 pm
ankh wrote:Thanks for the pointer to setting up Tunnelblk.

Of the various options on that page, can you specify which specific choices to use with Sonic?

For example, I ignored the "Nameserver" -- I think I guessed right and the "situation for most users" doesn't fit Sonic:

The "Set Nameserver" Check Box and DNS & WINS Settings

If you are using DHCP, wish to use DNS and WINS servers at the far end of the tunnel when connected, and the VPN server you are connecting to "pushes" DNS and WINS settings to your client, select "Set nameserver". (This is the situation for most users.)
---------------------

Note that I'm home using a Mac, while my wife is traveling using an iPhone (and the iPhone was set up yesterday). So we are both using the same "ankh" user login, from different hardware in different places for a week -- that's ok, right? I won't screw up her use of the VPN from the iPhone by installing Tunnelblk on the home Mac and using it?


If I need to set up different configuration files for the 2 different users somehow, I'll wait to mess with that til next week.
I think the DNS situation should be okay, but it wouldn't hurt to explicitly set the VPN nameservers to Sonic's which are 208.201.224.11 and 208.201.224.33.

For now, two simultaneous OpenVPN connections to the same account will work fine. As in, OpenVPN will work fine and not confuse the two connections in any way. Just keep in mind, we may eventually limit the number of simultaneous VPN sessions to one per user but not in the immediate future, so for now you both should be fine using the same account at the same time.
Drew Phillips
Programmer / System Operations, Sonic.net
by ankh » Thu Nov 03, 2016 3:46 pm
OK, I see multiple choices on a pulldown menu "Set DNS/WINS" with Tunnelblick mentioning nameserver:

Do Not Set Nameserver
Set Nameserver (this appears to be the default setting and I've left it there
Set Nameserver (3.1) or (3.0b1) or (alternate 1)

I left it at the default
None of them offer a place to fill in the blank with the specific Sonic numbers


Somewhere else to specify the Sonic numbers?

Sorry for the persistent questions, I am guessing someone's working up docs specific to Sonic, so maybe these help point out what's not clear yet.
by ankh » Thu Nov 03, 2016 3:49 pm
PS, I assume you can look at the configuration; I"m not posting it but can email it to you if useful. It begins with these lines:

# Automatically generated OpenVPN client config file
# Generated on Wed Nov 2 14:25:17 2016 by a.ovpn.equinix-sj.sonic.net
# Note: this config file contains inline private keys
# and therefore should be kept confidential!
# Note: this configuration is user-locked to the username below
# OVPN_ACCESS_SERVER_USERNAME=ankh
# Define the profile name of this particular configuration file ...
by drew.phillips » Thu Nov 03, 2016 4:01 pm
@ankh

That is the correct config file. I also tested on Windows and it does push DNS correctly from the remote end (OpenVPN).

You can confirm this on your Mac by opening a Terminal (Applications >> Utilities >> Terminal.app) and typing "nslookup sonic.net" and pressing enter.

It should show "Server: 208.201.224.11" or "Server: 208.201.224.33" for the first line. This tells you it's using the Sonic DNS server which is pushed by the OpenVPN server to your client.
Drew Phillips
Programmer / System Operations, Sonic.net
by fsquared » Sat Nov 26, 2016 6:38 pm
Ok, so I was just out of town and used the Sonic VPN on both my iPhone and my iPad, and it worked perfectly. I didn't even notice any decrease in performance.

I have a basic question, though: other than being free, how does this VPN differ from, say, NordVPN or Private Internet Access VPN? Is there any reason I might want to consider a paid VPN anyhow?
by drew.phillips » Tue Nov 29, 2016 3:17 pm
fsquared wrote:Ok, so I was just out of town and used the Sonic VPN on both my iPhone and my iPad, and it worked perfectly. I didn't even notice any decrease in performance.

I have a basic question, though: other than being free, how does this VPN differ from, say, NordVPN or Private Internet Access VPN? Is there any reason I might want to consider a paid VPN anyhow?
I'm glad to hear it worked well while travelling and you didn't notice any performance degradation either!

Regarding us vs. another paid provider. Here are my thoughts:

You know Sonic, you can talk to us and other customers, and our logging policies are clearly defined and honored. We offer VPN "free" with your service as an added feature to aid privacy and address concerns for our FTTN customers and it's very basic compared to other paid providers.

PIA and Nord give you access to hundreds or thousands of VPN servers all over the world which has value to some. They offer things other than OpenVPN (e.g. SOCKS, IPSEC, L2TP) and are designed to support lots of users consuming large amounts of bandwidth in addition to casual web surfing. Depending on what you give them, those providers may have less information about you as well. It looks like PIA also has firewalling built into some of their connections which ours do not. If you have open ports/services on your computer used to connect to the VPN, these will be exposed via your VPN IP (this is typical of most VPN connections). So ensure proper firewalling is in place on your connected device.

Hope that explains some of the differences based on my opinion.
Drew Phillips
Programmer / System Operations, Sonic.net
by fsquared » Tue Nov 29, 2016 4:08 pm
Thank you, Drew, that does help. It sounds like the biggest thing is that your VPN only links back to Sonic's servers, while a paid VPN could have any number of exit points anywhere in the world.

And now I should probably study up on how to ensure proper firewalling on my phone and tablet.
by drew.phillips » Tue Nov 29, 2016 4:29 pm
Yes, I'd say the number of different VPN servers they provide is the main selling point for other providers. Also, the IP addresses handed out by our VPN service reverse to something like xxx-xx-xx-xxx.vpn.dynamic.sonic.net which doesn't exactly hide the fact that you're using a VPN to someone who's looking.

Recently, I was looking PIA addresses for blocking purposes for an open source project I work on and found that many of their VPN addresses don't have any reverse DNS, or reverse to generic hostnames that don't have many other pointers back to them.

The fact that ours show vpn.dynamic.sonic.net doesn't really affect your privacy at all, but someone who's looking will have an easier time knowing you're on a VPN.

Regarding the firewalling of your phone and tablet, this is probably less of an issue. I know Android typically disallows things from binding to ports on an outside interface (0.0.0.0) or block it at the kernel level. Last time I was on a VPN I port scanned my entire phone and nothing showed as open. I would imagine Apple iOS is similar but I'm not intimately familiar with them.
Drew Phillips
Programmer / System Operations, Sonic.net
by goetsch » Tue Nov 29, 2016 4:33 pm
Traveling over Thanksgiving weekend and ended up in a fast food joint in an out-of-the-way place that my phone's data network didn't reach. Restaurant had sketchy, unsecured WiFi, so I fired up the Android VPN app and was able to check email, etc., without putting my entire online life on the line. Thanks, Sonic!
53 posts Page 5 of 6

Who is online

In total there are 28 users online :: 0 registered, 0 hidden and 28 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: No registered users and 28 guests