How to Easily Bypass VPN Blocks (Yes, even for Netflix!)
While VPNs are an easy way to access blocked sites, many governments and companies are starting to block VPN use. But never despair— we’ll show you how to easily bypass VPN blocks while still protecting your privacy and security. Share
So you want to access websites around the world while still maintaining your privacy? Sadly, just having a VPN connection doesn’t always work anymore.
You see, over the years, censored websites have figured out this little trick. To restrict access, governments and companies have developed VPN detectors that block you from bypassing their restrictions with a VPN.
But don’t worry— we gotcha.
Whether you want to access the US version of Netflix or Hulu, need to bypass your company’s ban on social media, or live in a country with internet censorship, our detailed guide will help you bypass VPN blocks with ease, whether you’re on an iPhone, Android, Mac, or PC.
First things first: The disclaimer
Before we get started, let’s be clear: we’re not in the business of encouraging you to bypass VPN blocks. Internet censorship exists for all kinds of reasons— from services that use geo-blocking, to governments that restrict access to foreign media, to companies that don’t want their employees on Facebook all day— and bypassing it carries risks to the user (that’d be you.)
So why have we created this guide?
We at vpnMentor are firm believers in freedom and privacy. It’s our job to give you the tools and info— and it’s your job to decide how, when, and where to use them responsibly and legally.
In general, using VPNs is rarely illegal (although the content you access when using the VPN may be), even in VPN-blocking countries such as China, Syria, or Iran. That said, as of July 2016, using a VPN service whilst in the United Arab Emirates is illegal and is punishable by jail time and fines of between 500,000 and 2,000,000 UAE Dirham (136,130 – 544,521 USD). So if you’re planning a trip to the UAE, you’re better off forgetting your favorite shows on Netflix and bringing a book instead.
As for VPN-blocks at your school or workplace, keep in mind that if caught bypassing VPN restrictions on a private WiFi or LAN network, you could face suspension, termination, or other disciplinary measures. While chances are slim that you’ll be caught, it’s up to you to decide if it’s worth the risk.
Got it? Ok, then let’s get started.
COMMON VPN-BLOCKING TACTICS
IP Blocking – The most common method of preventing VPN use is simply discovering the VPN server IPs and blocking their access. However, as there are now hundreds of VPN service providers, most of the focus is on blocking only the most popular VPNs.
Lesser-known VPN providers often fly under the radar, allowing you to browse undetected. To determine if your IP is blacklisted or from a proxy, go to whoer.net.
Port Blocking – Another effective way to block VPNs is to use a firewall to block the ports commonly used by VPN protocols, such as 1194 (UDP), 1723 (TCP), 500 (UDP), 4500 (UDP), 1701 (UDP) etc.
DPI (Deep Packet Inspection) –DPI is a way to examine part of a data packet (often the header) at an inspection point to determine whether the data has been encapsulated by a VPN. This effective tactic has been used by the government of Syria since 2011 and targets VPN protocols such as OpenVPN, L2TP, and PPTP.
COMMON VPN-BLOCKING WEBSITES
- Streaming Services (Netflix, Hulu, BBC, etc.) –Video streaming websites are increasingly blocking viewers who use VPNs to bypass the geographical restrictions on their services. Geo-blocking protects copyright holders, who can maximise their profits by segregating the world market.
- Pay-per-day wireless services – Hotel and in-flight wireless services, such as GoGo, often block VPNs because they want you to pay for in-flight or in-hotel movies instead of streaming them yourself for free.
We know not everyone who wants to stream their favorite show on Netflix is a VPN guru, so we’ve broken our solutions into two sections: Basic and Advanced.
- Mobile Phone – By far the simplest solution for bypassing a VPN block is either to surf using your iPhone or Android or to open a mobile hotspot in order to access websites blocked by your workplace, school or hotel abroad. You will, of course, be charged the normal rate by your cell provider, but it is a simple, elegant and virtually undetectable solution.
- Polyserver – Rather than committing to just one VPN provider or server, try switching to a lower-profile VPN service, or changing to a different server IP run by the same provider. Ask your provider whether it regularly recycles its IP addresses, making them harder to block.
For our recommendations on the best VPNs to use for streaming services, click here.
- DIY – Instead of relying on VPN providers and their servers, run your own VPN server and connect to it from the censored location.This will provide you with your own unique IP address, making sure you avoid basic IP blanket-blocking.
Here’s how to do it:
Step 1: Click the Start button. In the search bar, type VPN and select ‘Set up a virtual private network (VPN) connection‘.
Step 2: Enter the IP address or domain name of the server to which you want to connect.
Step 3: If you want to set up the connection but not connect, select ‘Don’t connect now‘. Otherwise, leave it blank and click ‘Next‘.
Step 4: On this next screen, you can either put in your username and password or leave it blank. You’ll be prompted for it again on the actual connection.
Step 5: To connect, click on the Windows network logo on the lower-right part of your screen and select ‘Connect‘ under ‘VPN Connection‘.
Step 6: In the ‘Connect VPN Connection‘ box, enter the appropriate domain and your log-in credentials and click ‘Connect‘.
- Tor – Tor browser encrypts and then randomly bounces your data through a global network of relays to conceal your identity and online activity from surveillance and traffic analysis. By separating identification and routing, Tor bridges can be used to bypass IP blocks, and obfsproxy can be used to hide Tor traffic from DPI. For more information on Tor and how to use it, click here.
- Lahana – Lahana lets you quickly build a VPN server so you can access the Internet and Tor. The tool does not attempt to implement any additional form of secrecy or privacy, however using it with Tor allows users to browse in nearly complete anonymity. Running a Lahana node shouldn’t cost more than $20/month.
- Shadowsocks – Shadowsocks is an open-source proxy application, widely used in mainland China to circumvent internet censorship. Basically, it’s a SOCKS5 proxy that is available for most major platforms.
- Psiphon – Psiphon is an open-source tool that uses a combination of secure communication and obfuscation technologies (VPN, SSH, and HTTP Proxy) to bypass censorship. If you encounter a block when using VPN, for example, you can switch to SSH or obfuscated SSH (SSH+) instead. If you are surfing from a place where the Psiphon website is blocked, you can ask them to email you the software by writing to: firstname.lastname@example.org.
If you can disguise your VPN traffic as regular web browser traffic, you can make it impossible for a network to block your VPN. Here are some techniques for unblocking your VPN service on almost any network:
- TCP Port 443 – This is the standard Internet encryption protocol you use every time you access a website with sensitive account data, such as your bank or credit card account.Since most high-quality, paid VPN services already use the SSL encryption library, switching the port number to 443 will let you easily slip through all but the most rigorous DPI firewalls. You can set it up by contacting your VPN provider’s tech support
To change the port number:
- Find the correct configuration file. It has the extension .ovpn and is located …
- on Windows XP/Vista: C:\Programs\OpenVPN\config
- on Windows XP/Vista 64-Bit: C:\Program Files (x86)\OpenVPN\config
- on Macintosh OS X: Library/openvpn (in the Home folder of the respective user)
- Open the configuration file with WordPad or TextEdit. On Vista you have to start the editor with the option “Run as Administrator”.
- Delete any line containing “proto udp”
- Put a “#” at the beginning of the line “remote vpn1.hideway.eu”
- Add a line or remove the “#”: “remote vpn2.hideway.eu 443 tcp”
- Save the file
- Find the correct configuration file. It has the extension .ovpn and is located …
- Stealth VPN / Obfuscation – Even when using port 443, most VPN protocols have a data packer header, which can make it possible for a firewall to recognize the traffic as VPN traffic.
VPN service providers are obviously aware that some networks are blocking VPN traffic. ‘Stealth’ VPN technology scrambles or disguises your VPN traffic, making it unidentifiable as VPN traffic, or disguising it as regular TLS encrypted web traffic.Using a VPN service with obfuscation or ‘stealth’ technology allows your VPN connection to rewrite or obscure the packet headers, so it’s unrecognisable.
SSL Tunneling – Is when an internal client application requests a web object using HTTPS on port 8080 through the proxy server. For example, when you are using online shopping.
- The internet connection to the relevant e-commerce website is tunneled to by you through a proxy server. The client communicates with the target web server directly after the initial connection has been established by a proxy server, by means of communication within the SSL tunnel that has been created after SSL negotiation has taken place.
SSL tunnels are usually made using the Stunnel software, which must be configured on both the VPN server and on your computer. If you want to use SSL tunneling, you must discuss it with your VPN service provider. The OpenVPN data is wrapped inside an additional layer of TLS/SSL encryption. DPI techniques are unable to penetrate this extra layer of encryption, so they cannot detect the OpenVPN encryption inside.
- SSH Tunneling – An SSH tunnel consists of an encrypted tunnel created through an SSH (Secure Shell) protocol. It is similar to SSL tunneling, except that the VPN data is wrapped inside an SSH encryption. SSH is mostly used in the business world for accessing shell accounts on UNIX systems, and is therefore nowhere near as popular as SSL. As with SSL tunneling, you will need to talk to your VPN provider in order to activate it.Both SSL and SSH tunneling are more secure than obfsproxy, however, obfsproxy is easier to set up and configure.Obfsproxy also uses significantly less bandwidth, as it does not offer the additional layer of encryption provided by SSL and SSH tunneling.
In this day and age, any lock can be picked and any block can be tricked. At vpnMentor, we encourage you to stay safe, stay free, stay anonymous.
For our list of best & worst VPNs and their reviews, please click here.