PDA

View Full Version : Private VPN service Recommendations



SMS
04-17-08, 07:40 AM
I'm changing ISPs from one that includes VPN service with every account,
to one that doesn't, because the savings are substantial.

Since I often use Wi-Fi "out in the wild" I need to replace this VPN
service with something.

Has anyone used J-Wire's Hotspot Helper
("http://www.jiwire.com/hotspot-helper.htm") or HotSpot VPN
("http://www.hotspotvpn.com/").

J-Wire is $25/year, while HotSpot VPN is $88 per year. I'm not clear on
the advantage, if any, of the more expensive service.

Jeff Liebermann
04-17-08, 11:41 AM
On Thu, 17 Apr 2008 05:40:13 -0700, SMS <scharf.steven@geemail.com>
wrote:

>I'm changing ISPs from one that includes VPN service with every account,
>to one that doesn't, because the savings are substantial.
>
>Since I often use Wi-Fi "out in the wild" I need to replace this VPN
>service with something.
>
>Has anyone used J-Wire's Hotspot Helper
>("http://www.jiwire.com/hotspot-helper.htm") or HotSpot VPN
>("http://www.hotspotvpn.com/").
>
>J-Wire is $25/year, while HotSpot VPN is $88 per year. I'm not clear on
>the advantage, if any, of the more expensive service.

Sonic runs IPSec which is about as good as it gets. If you can live
with PPTP or an SSL VPN, you can terminate the VPN with any commodity
router that supports PPTP or SSL VPN's, or a Linux server, or even a
Windoze 2000/2003 server. The catch is that the box or server has to
be sitting on a fat pipe, which usually means sitting in the ISP's
server farm.

I roll my own which terminates at a friends router that's sitting in a
server farm. It's fairly fast. I also have PPTP VPN terminations
setup on my office and home routers. With DSL lines, it's *REALLY*
slow. I use these only for checking if I have any email or testing.

There are some other VPN terminations. See the FAQ:
<http://wireless.wikia.com/wiki/Wi-Fi#VPN_Service_Providers>

One that looks interesting is iPig:
<http://www.iopus.com/iPig/>
which offers a free VPN server (iPig Server Express Edition):
<http://www.iopus.com/iPig/download/>
I haven't tried it, but if you have a Windoze box running somewhere,
it might be an easy solution.


--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

Bill Kearney
04-17-08, 11:47 AM
> I also have PPTP VPN terminations
> setup on my office and home routers. With DSL lines, it's *REALLY*
> slow. I use these only for checking if I have any email or testing.

I've had VPN's setup at home for quite a while. I would not call it "really
slow". It's as fast as your uplink speed. I've had a 1.5/512 connection
for a while and it's certainly faster than a 768/128.

One other alternative to VPN is to use a remote desktop session. This way
you connect to your home PC as a video client. RDP takes about 20k per
session, more than usable over a 128k link. You can't watch full motion
video through it but it's good for nearly everything else. If you don't
want to use RDP you could use VNC instead. There's lots of ways to make it
work.

The single biggest hassle to using your own home connection is the dynamic
IP address. Sign up for a dynamic DNS service and set it up on your router.
I'll work well enough most of the time.

-Bill Kearney

Jeff Liebermann
04-17-08, 12:57 PM
On Thu, 17 Apr 2008 12:47:55 -0400, "Bill Kearney"
<wkearney99@hotmail.com> wrote:

>> I also have PPTP VPN terminations
>> setup on my office and home routers. With DSL lines, it's *REALLY*
>> slow. I use these only for checking if I have any email or testing.
>
>I've had VPN's setup at home for quite a while. I would not call it "really
>slow". It's as fast as your uplink speed. I've had a 1.5/512 connection
>for a while and it's certainly faster than a 768/128.

I'm on 3.0/256 in the office and 1.5/256 at home. Those speeds work
fine for everything except the automagic updates that Microsloth and
every other vendor insists on dumping on one's machine without asking.
I have to turn off all that stuff on my laptop in order to use my
laptop effectively through a slow connection. If I don't use my
laptop for perhaps a week, I'm guaranteed a few megabloats of
downloads before I can start using the laptop.

Meanwhile, I've been experimenting with splitting the traffic on the
laptop. The email traffic goes to my home router VPN which I treat as
a proxy server. Everything else goes through the gateway on the
coffee shop wireless router. I haven't been in one place with my
laptop long enough to set it up correctly, or be sure it's working,
but it seems like a reasonable compromise.

>One other alternative to VPN is to use a remote desktop session. This way
>you connect to your home PC as a video client. RDP takes about 20k per
>session, more than usable over a 128k link. You can't watch full motion
>video through it but it's good for nearly everything else. If you don't
>want to use RDP you could use VNC instead. There's lots of ways to make it
>work.

I use RealVNC extensively. Works well but is slow. So is MS Remote
Desktop, GoToMyPC, and PC Anywhere. What's odd is that they are slow
at different things. Each one seems to optimize some part of the
puzzle, at the expense of others. Weird.

>The single biggest hassle to using your own home connection is the dynamic
>IP address. Sign up for a dynamic DNS service and set it up on your router.
>I'll work well enough most of the time.

I've been using DynDNS for years. I think I'm up to about 30
machines. No problems except compatibility issues with broken built
in DynDNS clients found in some routers.
<http://www.dyndns.com/support/clients/hardware/>

--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558

msg
04-18-08, 10:03 AM
Jeff Liebermann wrote:

<snip>
> I roll my own which terminates at a friends router that's sitting in a
> server farm. It's fairly fast. I also have PPTP VPN terminations
> setup on my office and home routers. With DSL lines, it's *REALLY*
> slow. I use these only for checking if I have any email or testing.

In my experience, IPsec (native on OpenBSD, USAGI on linux) with
'isapkmpd' key management has been a good solution. The free 'Secure
Sentinel SSH' Ipsec VPN client for Windows performs well, and over
slower connections is quite tolerable. No need to co-locate your
VPN endpoint at the ISP for small-scale applications. Costs only
your time to implement (on DSL and WiFi) and can save the O.P. a lot
of moolah in the long term.

Regards,

Michael

msg
04-18-08, 10:07 AM
Bill Kearney wrote:

>> I also have PPTP VPN terminations
>> setup on my office and home routers. With DSL lines, it's *REALLY*
>> slow. I use these only for checking if I have any email or testing.
>
>
> I've had VPN's setup at home for quite a while. I would not call it
> "really slow". It's as fast as your uplink speed. I've had a 1.5/512
> connection for a while and it's certainly faster than a 768/128.
>
> One other alternative to VPN is to use a remote desktop session. This
> way you connect to your home PC as a video client. RDP takes about 20k
> per session, more than usable over a 128k link. You can't watch full
> motion video through it but it's good for nearly everything else.

<snip>

Agreed. RDP is a great solution and if you use 'rdesktop' (be sure to
follow the development threads regarding security and other issues), you
don't need to buy TSCALs. Full motion video ain't so intolerable on
faster links too.

> The single biggest hassle to using your own home connection is the
> dynamic IP address. Sign up for a dynamic DNS service and set it up on
> your router. I'll work well enough most of the time.

Lots of independent ISPs will give you a /30 for real cheap -- a better
solution than dynamic DNS.

Michael

SMS
04-19-08, 12:57 PM
Jeff Liebermann wrote:

> Sonic runs IPSec which is about as good as it gets. If you can live
> with PPTP or an SSL VPN, you can terminate the VPN with any commodity
> router that supports PPTP or SSL VPN's, or a Linux server, or even a
> Windoze 2000/2003 server. The catch is that the box or server has to
> be sitting on a fat pipe, which usually means sitting in the ISP's
> server farm.

Yeah, that's why I don't do my own. I had Sonic until earlier this week.
I gave them a lot of chances to fix their service, but it was
unbelievably flaky, somewhere between my DSL modem and them. Then I
realized that they had upped my price from $30 to $50/month, and I was
getting under 1Mb/s throughput, so I went back to AT&T. While the tech
support at AT&T is unbelievably horrendous, so far (1 day) the actual
DSL service works much better with no intermittent drops several times
an hour.

> One that looks interesting is iPig:
> <http://www.iopus.com/iPig/>
> which offers a free VPN server (iPig Server Express Edition):
> <http://www.iopus.com/iPig/download/>
> I haven't tried it, but if you have a Windoze box running somewhere,
> it might be an easy solution.

I don't think it's free anymore, except for very limited periods of time.

I'm trying out Jwire now.