kgc, you're back! What is the minimum number of Sonic services I need to have in order to still have unlimited access to Sonic's VPN?
OpenVPN Open Beta
Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
235 posts
Page 11 of 24
Any qualifying connectivity service, including Fusion, FTTN, Fiber, Legacy DSL, etc.
Kelsey Cummings
System Architect, Sonic.net, Inc.
System Architect, Sonic.net, Inc.
Yes, I *had* it working with IPSEC, however I didn't fully solve the reconnect issue. One proposed solution was a shell script that polled/pinged an ip address and restarted the VPN connection when it failed.pmbell wrote:Very nice walkthrough, Liam.liamk wrote:Okay, I have improved this slightly, and written a blog post on it, which is here:
http://www.freespeechnow.org/2015/09/17 ... -networks/
In addition to getting Sonic OpenVPN working with DD-WRT, I describe configuration of the DD-WRT and NVG589 devices, preventing DNS leaks, and other stuff.
Am I reading correctly that you've got an IPSEC connection to Sonic from your router, and you're able to get internet traffic passing though it? If so, you might want to put a pointer to that in the discussion about the result of the VPN poll as well. A number of folks there would really like to see that.
viewtopic.php?f=10&t=2819
OpenVPN is much easier.
I added the OpenVPN keepalive option, and so far that seems to be working.pmbell wrote: On IPSEC: I run 'em for work, and I find that if I'm always pushing traffic down the tunnel, it tends to be more stable. My openvpn setup monitors my connection by pinging the secondary Google DNS server (8.8.4.4) all the time, something like that might help an IPSEC tunnel, also.
I have turned it on, but the speed is so erratic that there is no way to know if it is helping. I will leave it on.pmbell wrote: In your openVPN settings page - what happens if you enable adaptive LZO compression? IIRC, the Sonic vpn server supports it, and I think your performance would improve.
Do you have DNSCrypt running on DD-WRT, or what exactly? I am not finding a simple way to do that.pmbell wrote: On various things to enhance privacy: it turns out that running bittorrent over a VPN and over Tor at the same time is a bad idea, as the Bitorrent folks aren't as privacy-minded as you might think. Bittorrent packets from at least some clients go looking for your IP address and stuff whatever they find into the headers. There's also a protocol called uTP which is supposed to help Bittorrent manage traffic better on a slow circuit. In the process, it also tries punch holes through NAT and as a side effect tries to bypass VPN tunnels - it's pretty remarkable at doing that.
Also, it's worth considering adding a discussion of dnscrypt. My primary VPN provider uses DNS to resolve their incoming gateway, so I need DNS for a bit when my firewall first boots up. I run dnscrypt on my gateway, which is also the only resolver my LAN clients have access to. DNS runs in plaintext by default; I prefer to encrypt mine and trust only the DNS providers I choose with my requests.
Under normal circumstances, all of my DNS is flowing to my vpn provider, but if the tunnel is down, it's permitted to bypass to get the tunnel back up, so the added dnscrypt layer means that ATT sees very, very little in the way of live DNS requests from me even if the tunnel is down.
My fallback DNS resolver is my own DNS server, however the DD-WRT doesn't seem to fall back to it when the VPN DNS resolvers refuse access. I don't know what is up with that. However, it does have the effect of warning me that the VPN is down, which is good.
I'm running it on pfsense. it looks as if there is an opkg for it for open wrt, but for dd-wrt it may be a manual install.
Is sonicVPN actually owned by Sonic or are they going through another vender to provide this service?
Remember when Sonic provided newsgroups service but at the time it was really going through supernews. It was not a service sonic owned or provided themselves.
I see people bringing up other similar VPN services and comparing it here so just wanted to get more feedback on what the differences if any are.
EFF report on sonic. https://www.eff.org/who-has-your-back-g ... nic-report
So the EFF report shows that sonic is the best ISP on privacy. However when you compare that to 3rd party VPN services are 3rd party VPN services better than that?
Also being that i am on ATT network and now using SonicVPN to have more privacy. will SonicVPN services be better or have enchanced privacy compared to just having a regular sonic adsl account?
Basically will SonicVPN be trying to compete with other 3rd party VPN providers where some say they don't even keeps logs etc.
Remember when Sonic provided newsgroups service but at the time it was really going through supernews. It was not a service sonic owned or provided themselves.
I see people bringing up other similar VPN services and comparing it here so just wanted to get more feedback on what the differences if any are.
EFF report on sonic. https://www.eff.org/who-has-your-back-g ... nic-report
So the EFF report shows that sonic is the best ISP on privacy. However when you compare that to 3rd party VPN services are 3rd party VPN services better than that?
Also being that i am on ATT network and now using SonicVPN to have more privacy. will SonicVPN services be better or have enchanced privacy compared to just having a regular sonic adsl account?
Basically will SonicVPN be trying to compete with other 3rd party VPN providers where some say they don't even keeps logs etc.
if you are a sonic DSL customer, you are almost certainly on Sonic's network once you get to the CO. there are a few exceptions but almost always your IP address and transport are on Sonic's network and entirely governed by their policy until you reach the internet. this is true of sonic fiber and I think VDSL as well.
if you are on the fiber to the node product, the situation is very different. in that case, sonic is reselling att uverse access and you have an att address and are on the att network. although in principle you have more flexibility in using the product than an att customer would - the contract is with sonic - you are in the same privacy, network management and log retention boats as att customers are.
if att throttles Netflix bandwidth on their network, for example, you will feel the impact.
this is where the VPN to sonic or another provider is helpful. if you are a sonic customer and att throttles the connection to sonic, both you and sonic can complain. once you reach sonic your use is governed by their much better policies on logging, privacy etc.
currently the sonic VPN is owned and operated by sonic.
if you are on the fiber to the node product, the situation is very different. in that case, sonic is reselling att uverse access and you have an att address and are on the att network. although in principle you have more flexibility in using the product than an att customer would - the contract is with sonic - you are in the same privacy, network management and log retention boats as att customers are.
if att throttles Netflix bandwidth on their network, for example, you will feel the impact.
this is where the VPN to sonic or another provider is helpful. if you are a sonic customer and att throttles the connection to sonic, both you and sonic can complain. once you reach sonic your use is governed by their much better policies on logging, privacy etc.
currently the sonic VPN is owned and operated by sonic.
What's the best way to speed test actual speeds when connected to the vpn?
The normal speedtest sites are not showing accurate speeds (way higher)
The normal speedtest sites are not showing accurate speeds (way higher)
download a large file and time it ... it will give you a rough idea of what the speeds are 
Is Cloak as secure as the Sonic OpenVPN option?
https://www.getcloak.com
Yes I know Cloak is not free but my job provides an unlimited plan with them. I'm just wondering if it's as secure?
Cloak is great for iOS devices btw although Open VPN probably has an app too.
https://www.getcloak.com
Yes I know Cloak is not free but my job provides an unlimited plan with them. I'm just wondering if it's as secure?
Cloak is great for iOS devices btw although Open VPN probably has an app too.
Hard to say if its as secure as OpenVPN. The getCloak website is rather vague about the encryption, or what's going on from the server side. Its unclear whether they're developing their own technology, or merely slapping some iOS UI on top of someone else's VPN implementation. Their support section has a "How does Cloak work under the hood?" section, which is laughably vague, to the point of being useless. Honestly, I wouldn't trust them at all considering how little they share about their product.mediahound wrote:Is Cloak as secure as the Sonic OpenVPN option?
https://www.getcloak.com
Yes I know Cloak is not free but my job provides an unlimited plan with them. I'm just wondering if it's as secure?
Cloak is great for iOS devices btw although Open VPN probably has an app too.
235 posts
Page 11 of 24
