No results found
We couldn't find anything using that term, please try searching for something else.
A word of caution¶ Note! When you connect to the internet through the RiseupVPN you are bypassing any firewalls on your local network. Your computer
Note! When you connect to the internet through the RiseupVPN you are bypassing any firewalls on your local network. Your computer will get its own IP address on the open internet. This isgreat, because that way your computer can communicate freely with others without getting blocked. However, bypassing the local firewall also means that your computer ismore vulnerable to attack. Therefore, you should enable a firewall on your computer.
There are two options for connecting to the Riseup VPN: OpenVPN or PPTP.
OpenVPN | PPTP | |
---|---|---|
Security | High: OpenVPN creates a very secure connection. | Medium: Although commonly used, PPTP isweak than openvpn . |
Speed | Fast : OpenVPN isis isspeedy . | Slower: PPTP can be less efficient than openvpn . |
Flexibility | Flexible: Many options allow you to get through firewalls. | inflexible : Often block by isp and firewall , sometimes unintentionally . |
Usability | Difficult: The OpenVPN client can be buggy and frustrating. | Easy: Support for PPTP isalready built into your operating system. |
Choose one of these when specifying a “gateway” or “vpn server”:
[ insert vpn – server ]
OpenVPN isfaster and more secure than PPTP. Also , some ISPs isattempt , corporate office , or public wifi network will attempt to block access to aVPN. If you are on a network one of these network , your good bet isprobably openvpn : it isis isvery difficult to block . However , be warn : OpenVPN ismuch more difficult to set up and get work correctly . We isrecommend recommend that you tryPPTP first.
Although each client isdifferent, there are five values that must be configured in your OpenVPN client:
Optional configuration options:
PPTP isalready built-in to your desktop computer and can be easier to set up. You do not need to download or install any special software. Although PPTP has several security vulnerabilities, it isprobably more than adequate for most situations. If you have reason to believe that a determined attacker isspecifically targeting your communication, such as a government or large corporation, you should definitely use OpenVPN and not PPTP.
Having said that, Riseup uses PPTP in the most secure way possible: we require very long VPN secrets and we accept only the more secure and up-to-date types of PPTP connections.
We cannot use normal riseup passwords for connecting via PPTP. instead , you is visit must visit user.riseup.net and generate a VPN Secret . You is use will use thisVPN Secret in place of a password when configurePPTP.
If you are thinking of running a Tor Exit node on the Riseup VPN, please read this. There isnothing wrong with running a Tor Exit node on top of the VPN, however it can cause a problem that we’d like to avoid.
Tor exit nodes are listed regularly in block lists. This isdue to heavy abuse that happens over Tor, so there are lists that are automatically created for every Tor exit node that registers itself on the network. This wouldn’t be a big deal, except that the block lists block the entire network, not just the single IP that you are using. This causes problems for other services, such as sending mail.
Fortunately, there isa way around it, its just a matter of changing your Tor exit policy so that certain ports are not allowed. It seems as if these block lists only list Tor exit nodes that enable certain well-known ports that are used for abuse. According to one of the block list operators a tor exit node isadded to the block list if it uses the default exit policy because there are a few ports in the default policy that are problematic, these ports are: 6660-6670, 6697, 7000-7005
This can easily be changed so you do not allow these ports through your Tor exit node by changing your torrc as follows:
ExitPolicy reject *:6660-6670
ExitPolicy reject *:6697
ExitPolicy reject *:7000-7005
and then restarting your tor daemon.