This 20-part (5,000 words) VPN guide gives you all the information about a virtual private network and updates it regularly.
With the erosion of online privacy and an alarming number of security threats, more and more people are turning to VPN services.
VPN (or virtual private network) is the ultimate tool to maximize your online privacy and freedom. A good VPN service allows you to:
- By replacing your IP address and location with the IP address and location of the VPN server, it seems to be anywhere in the world.
- Recover your privacy by encrypting your Internet traffic so that third parties (such as your Internet service provider, network administrator or monitoring agency) cannot read your privacy.
- Protect your device from hackers, attacks and the risk of public WiFi networks.
- You can unblock restricted content no matter where you are.
In addition to security and privacy issues, another major driver of VPN usage is content restriction and online review in the form of blocked websites. From China to the UK and North America, more and more people use VPNs to get a secure, secure, private and unlimited online experience.
Contents – Below are the topics we will cover in this 20-part VPN guide.
- What is a VPN?
- How VPN works
- Why use VPN?
- Is the VPN secure?
- Is the VPN legal?
- How to set up a VPN
- Why VPN is required for online privacy
- Will VPN make me 100% anonymous?
- VPN protocol and encryption
- VPN logs – different types
- VPN performance and speed
- You can use VPN for streaming media
- Can you use a VPN for seed attacks?
- VPN on Android and iOS devices
- VPN on the router
- VPN and Tor
- VPN leaks and terminates the switch
- How to beat the VPN block
- Which VPN is best for you
- The future of VPN
What is a VPN?
A VPN is a virtual private network. It allows you to access the Internet with greater security and privacy, while also allowing you to bypass review or content restrictions. In this guide we will discuss the following VPN terms:
- VPN Client – Software that connects your computer/device to the VPN service. The terms “VPN Client” and “VPN Application” are used interchangeably.
- VPN Protocol – The VPN protocol is basically a way for a device to create a secure connection to a VPN server.
- VPN Server – An endpoint in a VPN network that you can connect to and encrypt your Internet traffic.
- VPN Services – For our purposes here, VPN services are an entity that provides you with a VPN network – they usually also offer VPN software, but this is not always the case. Access is usually sold through subscriptions. The terms “VPN Service” and “VPN Provider” are used interchangeably.
Now we will understand the basics of the actual work of the VPN.
How VPN works
VPN works by creating an encrypted connection between your computer/device and the VPN server. Think of this encrypted connection as a protected “tunnel” through which you can access everything online while appearing to be at the location of the server you are connected to. This gives you a high level of online anonymity, giving you extra security and giving you unlimited access to the entire Internet.
If you don’t have a VPN, everything you do online can be traced back to your physical location and the device you are using from the device ‘s IP address . Every device connected to the Internet has a unique IP address – from your computer to your phone and tablet. By using VPN, you will hide your real location and IP address, which will be replaced by the VPN server you are using.
Most VPN providers maintain servers around the world. This gives you a lot of connection possibilities and access to global content.
After purchasing a VPN subscription and downloading device software, you can connect to any of these global servers immediately.
Now that you understand how VPN works, let’s take a look at why VPN is used.
Why use a VPN?
So why are more and more people in the world using VPN services?
This really depends on your situation, but VPN has many different uses:
- Go online without revealing your real IP address and location (online anonymous).
- Add extra levels of security by encrypting your internet connection.
- Prevent your Internet Service Providers (ISPs), third parties, network administrators and governments from monitoring your online activities (due to encryption).
- Unblock sites and access content that is limited to specific locations.
- Torrent, P2P download and streaming (such as Kodi ) security.
- Bypassing censorship by easily bypassing regional restrictions.
- Save on flights and other online purchases by changing your IP address (geographical location).
- Protect yourself from hackers anytime, anywhere – especially when using a public WiFi connection in cafes, hotels and airports.
- Protect your personal data when you are online, such as bank passwords, credit cards, photos and other personal information.
- Surfing the web gives you peace of mind.
Now that we have covered the reasons for using VPN, we will continue to discuss another issue with many people about VPN.
Is VPN safe?
As a general rule of thumb, VPNs can be used safely as long as you use high quality VPN services. But there is a problem.
There are currently more than 300 VPNs on the market – especially when you consider all the random free VPN apps in Apple and the Google Play store. Unfortunately, most VPN services—especially free VPNs—have flaws, errors, and problems that pose a threat to your security and privacy.
In other words, there are very few high-quality VPNs that keep you safe and protect you from data leaks on all devices.
For example, an interesting study found that 84% of free Android VPN applications leak user data. While most people know that free VPNs should be avoided, millions of people still use these dangerous applications.
As I explained in the free VPN guide, there are many reasons to avoid free VPN services:
- Embedded malware (very common in free VPN applications)
- Hidden tracking (many popular VPN providers hide tracking in the app to collect your data)
- Third party access to your data
- Stolen bandwidth
- Browser hijacking
- Traffic leakage (IP address leak, DNS leak)
- Fraud (identity theft and financial fraud)
There are also many different VPN scams to watch out for – from suspicious “lifetime” VPN subscriptions to fake features and fake comments. As a general rule of thumb, you can get the fees paid for the VPN service.
Is the VPN legal?
In the entire Western world, the answer is yes, VPN is absolutely legal in terms of network privacy and security. In fact, businesses use VPN every day – and they don’t change very quickly.
However, there are some exceptions in places like the United Arab Emirates, where the use of VPNs is currently limited. Some Middle Eastern countries, such as Saudi Arabia and Iran, are dissatisfied with the use of VPNs because these governments are trying to review the Internet and social media. Of course, they don’t like to let people bypass anything that reviews work.
Even so, the laws of these countries usually do not ban the VPN itself, but use VPN to bypass government censorship.
The same is true in China , where the government has been strengthening its “firewall” to block VPNs and websites (see China’s best VPN to solve these problems). Russia is also trying to “ban” certain VPNs – but these measures often fail for the simple reason that VPN traffic can be hidden and looks like normal HTTPS traffic. There are some VPN providers that confuse VPN traffic in their applications. These include ExpressVPN , VPN.ac , NordVPN and VyprVPN .
Important : Businesses around the world often use VPNs to protect their networks. As a result, you may never see a complete “ban” on all VPNs because they are absolutely necessary for business and personal security.
But can’t people use VPN to do bad things?
Of course, but you should consider a VPN like steel . Steel can be used for good purposes such as bridges, buildings and transportation. But it can also be used to make bombs, guns and tanks, which is harmful to people. Steel is completely banned because it is sometimes used for bad purposes and will be crazy and stupid.
The same is true for encryption and VPN. Banks, businesses, and any website that handles sensitive data must use encryption every day. VPN and encryption are the tools we need to use, even if a few people abuse the technology for their own reasons.
(Disclaimer: These are not legal advice – please consult the laws of your country to verify which are legal.)
How to set up a VPN?
The exact instructions for setting up a VPN depend on the device you are using and the VPN service you are connecting to. Most VPN providers – especially those recommended on this website – provide simple installation guides for all major operating systems and devices.
Here’s an overview of how to set up a VPN:
- Choose a good, trusted VPN service (see the best VPN report for the latest test results )
- After purchasing a VPN subscription, download the VPN software for the device/operating system you will be using.
- After installing the VPN client on your device, log in to the VPN service using your credentials (via the VPN application).
- Connect to a VPN server and enjoy privacy and free access to the internet.
Windows, Mac OS, Android and iOS users also have the option to use the built-in VPN feature on their operating system. This uses IPSec / IKEv2 or IPSec / L2TP protocols instead of OpenVPN, which requires the use of an application. If you want to use this route, you need to import the VPN configuration file from the VPN provider.
The most common way to use a VPN is through a VPN client (VPN application) provided by a VPN provider. This also gives you all the features and complete leak protection settings (recommended).
Why VPN is required for online privacy
A good VPN can provide you with online privacy and security.
Without a VPN, your Internet Service Provider (ISP) can easily monitor and record your online activities : the websites you visit, your comments, social media interactions, preferences, and more. Many countries now require ISPs to record user data and browsing activity. VPN is the best solution to protect yourself from these privacy violations.
When using VPN, your ISP can only see you online and connect to the VPN server. Only. Your information is encrypted and protected, making it completely unreadable by third parties .
With the help of VPN, public WiFi hotspots can be used safely again, thanks to the secure encryption of protected data. Using public WiFi without a VPN is risky because hackers can use public wireless to steal your identity, credit card, bank account, password, etc. VPN will encrypt and protect this data from third parties and hackers.
Will VPN make me 100% anonymous?
The simplest answer is no.
Given that someone can be anonymized online (especially through browser fingerprinting ), VPN alone will not give you 100% anonymity. In fact, due to the large resources of monitoring agencies such as the National Security Agency , it may be difficult to achieve 100% online anonymity.
However, on the positive side, in addition to using VPN, simple steps can be taken to further improve online anonymity:
- Use a secure browser to prevent browser fingerprinting (your browser can reveal a lot of information to third parties).
- Use a good ad blocker. Ads are basically camouflage tracking, collecting your activity online, analyzing you, and then using that data to provide you with better advertising.
As you can see, VPN is just one of many privacy tools you can use to get more online privacy .
VPN protocol and encryption
Most commercial VPN services offer a variety of different VPN protocols and you can use VPN applications.
What is a VPN protocol?
The VPN protocol is a set of instructions for establishing a secure and encrypted connection between a device and a VPN server to transfer data.
The following are the most popular VPN protocols currently in use:
- OpenVPN – OpenVPN is still the most popular and secure VPN protocol for all types of different devices. OpenVPN is an open source project developed for many types of authentication methods. It is a very versatile protocol that can be used on many different devices with various functions, or on any port with UDP or TCP. OpenVPN uses the OpenSSL library and the TLS protocol to provide outstanding performance and strong encryption.
- IKEv2 / IPSec – Internet Protocol Security with Internet Key Exchange Version 2 is a fast and secure VPN protocol. It is automatically pre-configured on many operating systems, such as Windows, Mac OS and iOS. It is ideal for rebuilding connections, especially mobile devices. One drawback is that IKEv2 was developed by Cisco and Microsoft and is not an open source project like OpenVPN. IKEv2 / IPSec is a great choice for mobile users who want a fast, lightweight VPN that is secure and can be reconnected quickly if the connection is temporarily lost.
- L2TP / IPSec – Layer 2 tunneling protocol with Internet Protocol security is also a good choice. This protocol is more secure than PPTP, but it does not always have the best speed because the packets are double-encapsulated. It is typically used with mobile devices and is built into many operating systems.
- PPTP – Point-to-Point Tunneling Protocol is a basic old VPN protocol built into many operating systems. Unfortunately, PPTP is known to be a security vulnerability and is no longer considered a security protocol for privacy and security reasons.
- WireGuard – WireGuard is a new experimental protocol designed to provide greater security and performance than existing VPN protocols. Although it is still actively developed and not yet audited, there are still a few VPN providers that support it for testing purposes only. For more information, please refer to my WireGuard guide.
Each VPN protocol has its own advantages and disadvantages. OpenVPN is the most popular and widely recommended because it is secure, open source, and also provides good performance. But it also requires the use of third-party applications. L2TP / IKEv2 is also a security protocol with excellent performance, it can be used natively on most operating systems (no application required) – but it is not open source.
As a general rule, most VPNs allow you to choose which protocol to use in your VPN client. When using VPN on a mobile device, you may be limited by the VPN protocol, especially iOS devices that use IKEv2 / IPSec.
For more discussion on each option, see the VPN Protocol Guide.
AES (Advanced Encryption Standard) is one of the most common encryption passwords used today. Most VPNs use AES encryption with a key length of 128 or 256 bits. Even with the advancement of quantum computing, AES-128 is considered safe.
Here’s an interesting reference to VPN.ac about AES, Encryption and Vulnerability :
OpenVPN 256-bit AES is a bit too much, but uses AES 128 bits. We don’t want anyone to do AES cracking when there are weak links in the chain, such as RSA keys: how they are generated (good or bad entropy, online/offline generation, key storage on the server, etc.) . Therefore, AES-128 is a very good choice for AES-256, which is mainly used for marketing promotion (“bigger is better”).
In addition to AES, there are other VPN passwords, such as Blowfish and Camellia, although these passwords are rarely available in VPN services.
VPN logs – different types
When it comes to privacy, it’s best to focus on logging and logging strategies.
The following are different types of VPN logs:
- Usage (Browse) Logs – These logs basically include everything you do online: browsing history, time, IP address, metadata, and more. Unless you use a free VPN, your VPN service will most likely not be able to maintain usage logs.
- No logs – Although many VPNs claim to be “no logs”, only a few have actually been verified as true without a log VPN service.
If most VPN perform any type of limitations, such as device / connection bandwidth limitation or limitations ( here further below), it is necessary to retain some form of logs. The minimum connection log for safe and periodic deletion is not very interesting – but it all depends on the user.
VPN performance and speed
When you use a VPN, a lot of things happen behind the scenes. Your computer is encrypting and decrypting packets that are routed through a remote VPN server. All of this requires more time and effort, which will ultimately affect your internet speed.
To ensure the fastest time to use a VPN, it is best to connect to the VPN server that best suits your needs. For example, if you are in the UK and want to watch blocked videos available to Americans, then choosing a VPN server in New York is better than a Los Angeles server.
A good VPN service should not greatly affect your internet speed. On the other hand, some lower quality VPN services can significantly slow down your internet speed. This is usually the case when their server is overloading users.
For a discussion of testing VPN speeds and more about all the different variables, check out the VPN Test Guide.
Here are some tips for maximizing VPN speed:
- Get advanced VPN services with good performance.
- Connect to a nearby server with no other users’ congestion (a large amount of available bandwidth).
- If the first two options don’t work, try changing the VPN protocol.
VPN speeds may also be limited by the devices you use, the network or your Internet provider that restricts VPN connections.
Can you use VPN for streaming?
In addition to online privacy and security, thousands of people around the world use VPN for streaming.
Why is that?
The VPN will unlock content that is blocked, reviewed or restricted to certain geographic areas. Because VPN allows you to “tunnel” to any VPN server location around the world, it is still the ultimate tool for online streaming. Here are some popular VPN streaming uses:
- Streaming Kodi via VPN – For additional information and tips, see the Kodi VPN Guide.
- Streaming Netflix over VPN – No matter where you live, using Netflix VPN is a good idea. This allows people living anywhere in the world to access Netflix, the US, which offers the largest media library.
VPNs are also popular with other streaming services such as Hulu, Amazon Prime and BBC iPlayer. Many foreigners living outside their home country use VPN services to unlock their home country’s websites, streaming media and channels.
Can you use VPN to solve the problem?
Another very popular use of VPNs is to use hosting and P2P downloads. When you use a VPN for Torre , your real identity and IP address will be hidden from third parties.
Torrenting and P2P file sharing is to some extent a gray area and may be classified as copyright infringement, depending on what you share/download. At present, countries around the world are fighting the flood from Northern Europe to the United States and Australia. Here is an example of the risk of not having a VPN:
Although we do not support any illegal activity or copyright infringement in Restore Privacy, it is obvious that even if you just download a song, it is dangerous to host without a VPN.
Media companies often run a network of monitoring nodes that join the population and collect connection data for all infringers. The media company can then access the Internet service provider that owns the IP address they have collected and connect these to the user and the connection time. The user will then be fined or prosecuted on behalf of the copyright owner for copyright infringement.
The best solution here is to use a good VPN to keep your privacy.
Can VPN run on Android and iOS devices?
Yes, you can use VPN on Android and iOS devices.
There are three different ways to use VPN on Android and iOS devices:
- Use a custom VPN app. Most providers offer custom VPN applications for Android and iOS devices that are usually fast, stable, and offer different features.
- Use a third-party VPN application. You can also use popular third-party VPN applications such as OpenVPN for Android in the VPN service , which is free open source software.
- Built-in VPN function. With Android, you can use the built-in IPSec / L2TP feature. With iOS, you can use the built-in IPSec / IKEv2 feature. Both operating systems have VPN preferences in the settings area. You need to import the profile from your VPN provider to your phone/tablet.
Although the VPN has improved significantly on iOS and Android, they are still not as good as running on a computer. The main reason is that using a VPN is a bit more complicated than a typical application and requires connecting to an external server, encrypting and decrypting. Of course, this is a bit of a challenge for phones that may be connected in and out.
Warning : Be very careful with third-party mobile VPN applications. There are many gloomy VPN applications that are dangerous and should be avoided. Research before installing the VPN app and keep in mind that high-rated apps in Apple and the Google Play store may still be full of malware – as described in this study . Your best bet is to use only the VPN mobile app provided by your VPN provider.
Can I use a VPN on my router?
Yes, VPNs can be used on many different types of routers, but you need to verify that your router can support VPNs. The VPN Router Guide gives in-depth guidance on establishing VPNs on routers, as well as different options for getting VPN routers.
VPN routers have the following advantages:
- Extend the benefits of VPN to all devices without installing software
- Easily protect you from surveillance and Internet Service Provider (ISP) espionage
- Protect your home network from attacks, hacking and espionage
The trick to setting this up correctly is to first choose a good VPN service and then choose the right router – the rest is easy.
Important : The main factor when choosing a VPN router is the router’s CPU (processing power). Unfortunately, most consumer routers are not functional enough and do not perform well in VPN encryption. Although there are some new models with higher CPUs, there are other options to maximize speed, which I will discuss in the VPN Router Guide.
VPN and Tor
Both VPN and Tor are privacy tools that provide online anonymity, but they are very different from each other.
Tor stands for Onion Router, a browser and network that uses multiple “hops” to protect user privacy. Tor was founded by the US government in 2002 and still relies heavily on funding from US government agencies. In addition to this disturbing fact, Tor has other problems:
- Some people think that the Tor network has been damaged.
- Microsoft’s DRM can easily expose Windows-on-Tor users
- Using Tor to view PDF documents will also reveal your identity.
- Tor users are vulnerable to end-to-end timing attacks
- Tor is too slow for everyday use (especially video streaming)
For many people, Tor’s biggest red flag is that it is a US government project and is still funded by the US government today. There are also many problems with malicious Tor nodes . Many people also suspect that government agencies are running Tor nodes for monitoring .
I will discuss these risks in the in-depth Tor guide.
Despite the risks associated with Tor, some people still like to combine Tor and VPN services. There are several different ways to do this:
- Connect to VPN > Launch Tor Browser: This method is very basic and self-explanatory. Just use the desktop VPN client and connect to the VPN server, then open the Tor browser and use Tor properly. This won’t give you a lot of speed, but it’s an easy way to use “Tor-over-VPN.”
- Use the VPN service with a server that exits the Tor network. In this case, you only need to connect to the designated “Tor-over-VPN” server, your traffic will automatically leave the VPN server, exit to the Tor network, and then enter the regular Internet. I tested two different VPNs that offer this feature: NordVPN and ZorroVPN .
It should also be noted that you can get many of Tor’s advantages through VPN, such as multi-hop configuration. There are some VPN providers that offer multi-hop VPN servers and cascading support – see my multi-hop VPN guide for an in-depth discussion of this topic.
VPN leaks and terminates the switch
A serious problem that plagues many VPN services is the data leakage problem. Here are some different types of leaks that can ruin your privacy and security when using VPN:
- DNS leaks – this happens when your DNS request leaks from the VPN tunnel and is handled by your Internet provider. This can display your browsing history (DNS request), the IP address of your internet provider, and your general location.
- IP address leaks – IP address leaks only occur when your IP address leaks out of the VPN tunnel. This can be a short-lived, temporary leak or a continuous leak, which is sometimes the case with IPv6 addresses .
- WebRTC leaks – this is mainly a problem with Firefox, Chrome, Brave and any other Chromium-based browsers that use the WebRTC API. Even if you are using a good VPN, WebRTC leaks will expose your IP address through the browser. For information on how to resolve this issue in your browser, please see my WebRTC leak guide.
The following is a VPN example. Although all the “leak-proof protection” features are enabled, I found that it is still actively leaking IPv4 and IPv6 addresses and DNS requests:
This is one of the reasons I recommend running a VPN test on a regular basis to check for any problems, leaks or vulnerabilities.
All VPNs in the best VPN service reports have undergone thorough leak testing and passed all tests.
How to beat the VPN block
One problem some people face is that the VPN is blocked. There are several situations in which a VPN is blocked:
- Restricted countries – China, the UAE and Iran all implement some form of VPN blocking because they don’t want people to use VPNs to bypass government censorship.
- School Network – School networks sometimes block VPNs for two reasons. First, they want to be able to monitor everything you do online, which is easy if you don’t use a VPN. Second, they may want to block seeds, streaming media and other high-bandwidth activities. VPN allows you to easily bypass these restrictions (and access any blocked websites).
- Work Network – The work network usually blocks VPNs for the same reason as they do: they want to control and monitor the online activities of their staff.
The best way to bypass the VPN module is to confuse. VPN obfuscation basically hides the VPN traffic behind standard HTTPS ( Hypertext Transfer Protocol Security ) encryption, for example when you connect to a bank website via port 443.
Many VPNs provide confusing capabilities for this situation. Some offer obfuscated servers ( NordicVPN , ExpressVPN, and VPNArea ), while others offer self-developed protocols that will automatically blur traffic from any server ( VyprVPN ). The following is an example of VyprVPN, which uses the Chameleon protocol (based on OpenVPN) to bypass VPN blocks when other protocols fail:
You are not required to use obfuscation unless you are in a restricted network condition, ie the VPN is actively blocked, as it may affect performance.
Which VPN is right for you (suitable for you)?
Many people are thinking ‘what is the best VPN service’. In fact, choosing a VPN is a very subjective process, and there isn’t a “one size fits all” “best VPN” for everyone.
Ultimately, finding the best VPN comes down to your own unique needs and service use cases. Some people may want an offshore VPN with the highest encryption standards and advanced privacy features. Others may want a secure and user-friendly VPN that works with Netflix and Torrenting.
Here are a few questions to help you get started looking for the best VPN:
- How much privacy and security do you need (threat model)?
- Which devices will you use VPN on, and does the provider support these devices?
- What do you do with the VPN, does the VPN support these use cases? For example: torrenting, streaming Netflix, Kodi, etc.
There are many other factors to consider, such as jurisdiction and logging strategies, but this is a start. You can find the latest test results and recommendations in the best VPN report.
The future of VPN
The future of VPNs looks very bright – but not for the right reasons.
Large-scale monitoring, enterprise tracking and online review are the three drivers that will continue to drive improvements in VPN usage. Western governments are increasingly blocking a variety of websites – from adult content to hosting sites. In many parts of the world, large-scale surveillance continues to increase.
Another worrying trend we have seen is the supervision of cooperation between private entities and government agencies. This has been going on for a long time (see the PRISM program ), but it has reached a new level in the past few years:
- United States : Internet providers can now legally record your browsing history and sell this information to advertisers – or hand it over to a government oversight agency.
- United Kingdom : The UK is one of the most private countries in the world. Internet providers and telephone companies need to record all of their customers’ browsing history, text messages and location data. This data is provided to UK government agencies and is available without any authorization.
- Australia : Similar to the UK, Australia has implemented a mandatory data retention program that requires telecommunications companies to collect text, telephone and internet connection data.
No VPN Internet access really exposes you. As people become aware of the risks of surveillance, data collection and security threats, the use of VPNs will continue to grow – and may become mainstream in the near future.