Hi, i’m looking for a VPN that:

  • is easily deployable via a docker-compose
  • has an Android App and it doesn’t drain the battery too much
  • hides as regular HTTPS traffic so it’s not blockable by Firewalls. (I don’t need strong censorship resistance; it just has to work in offices and hotel WiFis.)
  • Bonus: A server like caddy can also accept HTTPS traffic for some regular websites next to the VPN server.

https://github.com/TrustTunnel/TrustTunnel sounds interesting, but the PR for docker compose was closed.

Do you know something else?

  • iopq@lemmy.worldEnglish
    41·
    14 hours ago

    Wireguard is not resistant to blocking, it is plain as day if you’re using wireguard and china had blocked it for years

    • irmadlad@lemmy.worldEnglish
      3·
      14 hours ago

      I sort of said as much. It really doesn’t matter, imho, what you use. As soon as that service becomes abused globally, everyone blocks it, including Tor. Any server using DPI or TLS will spot it a mile away. Now, if you have a fool proof way, than I am very much ready to be educated.

      • iopq@lemmy.worldEnglish
        12·
        36 minutes ago

        It does matter.

        When I connect to my VPN, the network sees that the server name is yahoo.com

        It actually connects to my server which sends the request to yahoo.com and then replies with the cert. So the network sees that yahoo.com sent the cert back to my client from that IP address

        Then there is a bunch of encrypted communication with timings and sizes that look like I’m downloading stuff over http.

        I’d like to hear a credible model of blocking this