Category Archives: Networking

FreeBSD Gateway to Access ProtonVPN

Note, this is not a tutorial, so it does not contain a complete list of steps to be performed. It’s intended to give you ideas how to go about doing this by sharing my experiences. The complete setup is, as they say, left as an exercise to the reader.

I was playing around with different setups to connect several devices to ProtonVPN being aware of the limit of one or two devices with the Free and Basic ProtonVPN packages. The obvious way is to configure the VPN on your router/gateway. If you have one that allows for OpenVPN to be configured, you can do it there. Mine doesn’t so I had to find another way.
I also didn’t want to rout all my traffic through the VPN, just basically be able to browse the web.

So I came up with the idea of installing a FreeBSD gateway with two network interfaces, one connected directly to the Internet over which I route the traffic to a ProtonVPN server or servers.

Of course, the machine is running PF firewall software with the appropriate rules, and name resolution happens with unbound which basically just forwards requests to public DNS servers. I am not going to describe either here, because you can use other software to do these task (e.g. use IPFW and hardcode public nameservers in the /etc/resolv.conf file).

Continue reading

To VPN or not to VPN

A Swiss VPN provider

I started researching VPN providers some time ago and gave ProtonVPN c closer look since they provide a free base service that isn’t too performant but good enough for testing and many daily activities. With their free offering, which is unlimited in duration, you have the choice of servers in three countries and can connect one device – which may be enough for your whole home network if you configure the VPN connection on your router. The router needs to support OpenVPN and all your traffic will go through a VPN connection, and that may not be what you want.

Also, some sites do block or restrict traffic that come from known VPN gateways, as they do with traffic coming from Tor exit nodes. They identify them as “sites with suspicious traffic” and ask you to do a Captcha every time. Some other sites provide a security warning if you suddenly log on from a different country.

Continue reading