Connecting to External services via VPN (Secure Connection)

This article outlines the main ideas you need to know to always be able to communicate with your coworkers and use the tools utilized by some of the clients.

Virtual Private Networks

Connecting to the internet using a VPN

What is a VPN?

VPNs allow you to hide your IP from the websites you visit. Your traffic is encrypted from your device to the VPN service.

VPNs do not, however, hide your identity as it is still possible to find your approximate location by other indicators, such as your device’s timezone.

Modern VPNs are as fast as a regular connection, with a minor difference in latency noticeable only in competitive games. Though, it is important to keep in mind that the further the VPN server, the higher the latency.

Which VPN provider to use?

There are many good options available. A good VPN has the following qualities:

  • No data breaches
  • Has been founded more than 5 years ago
  • Privacy policy clearly states that the user data is not monetised and there is no logging of the traffic
  • The reviews on Reddit and Twitter are mostly positive (tip: you can search for such reviews directly in Google search by typing <VPN name> review site:reddit.com)

If you live in or plan to visit a country that has poor digital privacy laws, avoid mainstream VPN providers such as NordVPN, ProtonVPN, and ExpressVPN because when the government begins to pressure VPN providers, they will be the first ones to take a hit.

Some good VPN providers are Mullvad and iVPN. They have a spotless record of security incidents, are incredibly transparent and privacy-focused, provide clients for all platforms, and have been functioning for many years. Additionally, both of them accept cryptocurrencies as payment methods and their clients are open source. Beware that support for popular streaming services, such as Netflix and Disney+, is questionable and may work inconsistently.

It is generally recommended to use the official clients of VPNs, as they are easy to use and optimized to prevent common problems, such as DNS leaks.

Advanced users may consider using bare WireGuard VPN hosted on a rented VPS in a desired location for enhanced privacy and security, although it is not recommended because it takes much more effort to maintain it, and it is no better than any regular VPN in terms of staying connected with any external client software.

Moreover, it is also possible to set up your home router to forward all connections through the VPN. A number of options is available:

  • Miserably small number of routers support this feature by default
  • If your router supports OpenWrt, you can flash it and configure the VPN afterwards
  • Buy a router with a one-click VPN set up out of the box, such as GL.iNet that supports one-click Mullvad VPN set up

Cisco AnyConnect

It is possible to use a VPN in conjunction with Cisco AnyConnect. However, AnyConnect works by overriding the device’s DNS, which many VPNs will not allow to do when turned on. To connect to both of them at the same time, launch the VPN app first, and then launch AnyConnect app through the VPN app in a split tunnel. A step-by-step guide is available for Mullvad VPN.

Alternatively, if you set up your router to forward everything through a VPN or keep your work life in a virtual machine, you can just use AnyConnect as usual.

The Onion Router

Connecting to the internet using TOR

What is TOR?

TOR is a network of servers hosted by volunteers and designed to anonymize its users. It is very popular among journalists and whistleblowers in countries with limited freedoms. Since the traffic goes through three servers, the first one only knows the user's IP, the second one has no information about the user, and the last one actually sends the requests to the internet. Due to the scale of the network, it is very unlikely that a user will go through multiple servers owned by the same entity.

The best way to access the TOR network is through the TOR browser. It is based on Firefox and is by far the best browser in terms of privacy, security, and anonymity out of the box.

It is highly recommended to always have the TOR browser installed at least on one device to make sure you always have access to the outside world, regardless of your location.

How to install the TOR browser?

If your country does not block the TOR network, download it from the official website.

In case it does, try using trusted mirrors by EFF and the Calyx Institute. If this does not work either, email gettor@torproject.org from an email service located in a country where TOR is not blocked, such as Outlook or Gmail. Do not specify the header, and in the body, just type your OS and locale. For example, windows ru, macos en, linux sr, or android cn (iOS is not officially supported). You will shortly receive a regular installation file.

How to connect to the TOR network using a bridge?

If the country you are currently in blocks the TOR network, you will not be able to connect to it directly. To overcome this, you will need to connect to a hidden server (namely “bridge”) to use it.

On the desktop, open the TOR browser and go to Settings > Tor and then check the “Use a bridge” checkbox and try to connect. If it works, then you are done. If not, try the other two options in the menu.

In case they do not work either, email bridges@torproject.org to get a few bridges. Once again, keep the header empty and in the body, type get transport meek-azure, and you will receive bridges soon. Once you do, on the same settings page, select the option “Provide a bridge”, and try to connect to the network. If it still doesn’t work, get new bridges again or try get transport snowflake.

On Android, just choose to use a bridge on the first boot. If you cannot connect to the network with a bridge, get bridges via email, following the steps above.