Daily Archives: April 14, 2017

The VPN Saga

Sometimes an easy task becomes a giant chore. Like, when you’re about to cook dinner, but then you need to wash a pot, but the sink is full so you have to clear out the sink, but the drying rack is full so you have to put away the dry dishes first… etcetera. Anyway, I thought getting a VPN would be an easy process, but alas, it would not be so. At some point, I decided that I should set it up on my router. That way, it would protect traffic from the chromecast and gaming devices. And, I wouldn’t run into the device limits. This decision led me down a deep rabbit hole.

I have an Asus RT-N56U. When I checked the router, it only had support for PPTP, which is less secure than OpenVPN. I upgraded the firmware, and still no luck. I guess my device was too old? Other Asus devices supported it. I seent the screenshots.

I had to start researching alternate firmware. There was AsusWRT, which didn’t actually support my router, so that was out. There was something from someone going by Padavan. but it seemed like a project done by just one person and I wasn’t sure how much I trusted it. It’s probably fine. However, the process of buying a VPN put me in a more paranoid, and I decided to keep looking.

I finally stumbled upon OpenWRT. As I dug deeper, I discovered that there were two versions of my router that were indistinguishable. One version supported OpenWRT and one, the newer one, didn’t. (Newer routers aren’t as hackable because of FCC regulations. They don’t want you changing the antenna to get to channels you’re not supposed to be on.) I didn’t know which one mine was. Finding out if mine was too old to be the incompatible one would help. I dug through my Amazon records to see when I bought it, but couldn’t find it. Eventually, I came upon a forum post pointing out that there were actually visual differences. Mine was the right one!

I borrowed a usb-ethernet dongle from a friend to flash the firmware. Otherwise, I would’ve been forced to dig up my old-ass windows laptop and wait 15 minutes for its physical-drive-having-ass to boot up.

The setup wasn’t too bad. Initially, I wasn’t sure whether to use tcp or udp. (TCP was right after a bit of research.) I installed sftp on the router, which wasn’t too difficult, to move files because I didn’t want to use scp. It worked, even with Netflix.

And then, Netflix stopped working. Proxy error.

There was no easy way to disable it. If I stopped OpenVPN, it restarted itself because of the scripts the vpn recommended to prevent leakage. And I didn’t want to delete everything. That would’ve been annoying. So, we went a few days without Netflix. What a dark time.

When I tried a different vpn server, after finally having some free time to fiddle, it still didn’t work. Did I want to give up on having a VPN altogether? Netflix and other services block VPNs to prevent getting around geolocking. They geolock because the rights to the content are different in different countries. People don’t talk about this enough. Most people aren’t going to inconvenience themselves this much for privacy.

I chose to sacrifice some of my security as well. I kept the vpn, but researched a way to allow netflix traffic through directly. It was a bit of a hassle. I had to set up another repo because the vpnbypass package wasn’t part of the official repo. It worked, though, and is still the set up I have now.

I have more thoughts on VPNs and selling traffic in general. However, I’ll save that for a separate post.