Hiding the fact that you’re using a VPN is possible, but might not last long. That’s because the services you use, the websites you visit, or your workplace/university/library have genuine reasons to block VPNs. Additionally, they make sure the block is continuous by adapting their security measures or coming up with brand-new ways to ban VPNs. The same is true with countries such as China, which bars unauthorized VPNs daily. We’re pointing this out to make you aware that a method could suddenly stop working. If it does, you’ll need to reimplement it or try a different one. With that said, here’s how to hide a VPN.
1. Choose a premium VPN provider
By far the easiest way to hide a VPN is to choose the best VPN service for your needs. In other words, why worry about using up-to-date methods when you can buy a VPN and let them worry instead? Not only do the quality VPN providers offer 24/7 Customer support, but they also have forums and knowledge bases.
Also, with millions of customers worldwide, they have a strong imperative to make sure you can bypass a VPN block at any point in time. Best of all, this way requires no technical knowledge and allows you to hide your IP with a click or a tap.
What to look for when selecting a premium VPN?
VPN providers can configure all of their servers to be undetectable to those prohibiting VPN users through DPI (Deep Packet Inspection). However, the added security can have an impact on VPN speed, so it’s not an ideal choice for everyone. For that reason, look for “specialty servers” or “dedicated servers” or “Obfsproxy” features.
An example of this is Obfuscated servers offered by NordVPN, Obfsproxy offered by TunnelBear, or servers utilizing the NoBorders feature on Surfshark. A similar feature is “Scramble” offered by IPVanish and StrongVPN, which masks your VPN connection and makes it look like a regular IP address. We’ll also mention features such as VyprDNS and StrongDNS. Read method 3 to find out why.
2. Get a static IP address
Whether you buy a VPN subscription or get a free VPN, you are given a shared IP address used by thousands of others on a VPN server. This makes the IP address easy to look up and flag using a VPN prevention system. To stop this from happening, you can purchase a static IP address from the VPN provider.
Now that you’re the only one using it, it resembles a regular Internet connection, which allows you to conceal your VPN use effortlessly. If you decide to create a VPN server on a router using OpenVPN, this won’t be an issue, so worry about methods 4, 5, and 6 only.
3. Make sure the IP address and a DNS server match
Unfortunately, using method 2 alone might be insufficient. This is because the websites/services uncovering VPN use have gotten smarter. Lower-tier VPN providers usually only mask the real IP address through VPN servers. They do nothing about the DNS (Domain Name System) server, and you continue using the DNS server provided by your ISP (Internet Service Provider) while connected to a VPN. That’s how your use of a VPN gets tracked down by the Netflix VPN blocker, for example.
This is an even bigger problem with mobile VPN apps. Even if the VPN provider provides both a new IP address and a matching DNS, the apps might have permission to override DNS settings. This reverts them to the original one, thus leaking your real DNS. VPN browser extensions are even worse, and even those by reputable VPN providers struggle with the prohibition of VPNs.
Creating a server on your router automatically removes the conflict between the IP and DNS, and is a good solution. Also, if you make a VPN server elsewhere using OpenVPN, always use accompanying OpenDNS.
4. Use a proxy
Although using a proxy doesn’t encrypt your Internet traffic, it can eliminate problems with VPN blocks. Even better, you can use it in conjunction with a VPN to maintain security online. A good example of this is the SOCKS5 protocol, offered alongside dedicated DNS servers by many premium VPN providers. If you are making your own VPN server and want to camouflage VPN use, make sure to use Shadowsocks. It’s an open-source application that utilizes SOCKS5 for data transfer.
5. Change the port your VPN uses
Websites or services that don’t want to deal with constant blocking of IPs or look for conflicts between IP and DNS block ports used by the VPN security protocols. So, even if you use methods 2, 3, and 4, you still can’t disguise your VPN use. The solution for this is to port forward on your router or use port forwarding features offered by VPN providers. Then, play around with/steer clear of the commonly used ports by VPN protocols:
- OpenVPN. UDP: 1194, 1197, 1198, 8080, 9201 | TCP: 53, 443, 502, 501, 110, 80
- L2TP. UDP: 500, 1701, 1707, 4500
- IKEv2. UDP: 500
- PPTP: TCP: 1723
6. Use TOR or TOR over VPN
This is more geared toward masking the use of VPNs in a workplace or university or school. By installing a free browser named TOR (The Onion Router) you bounce your traffic through multiple network exit nodes, thus hiding your identity. If you also combine it with Obfsproxy and a well-configured VPN connection, concealing a VPN won’t be an issue.
7. Employ Double VPN
Using a double VPN can also effectively hide VPN use. As the name suggests, your data will be routed through multiple VPN servers to hide your online activities. It is much safer than a single VPN connection, as the user can decide the entry and exit points of the VPN network. An ISP can only see where his data is going; after that, the traffic will be routed through multiple servers, so the ISP can’t locate the destination. Some providers even offer a dynamic double VPN that keeps changing the traffic route, adding more security.
8. Redirect your VPN traffic
Another way to hide your VPN traffic is by using an SSH or SSL/TLS proxy tunnel. It adds an extra layer of encryption, making it far easier to bypass firewalls. An SSH tunnel works via port forwarding and connects two devices.
Hence, you can bypass a firewall placed on a device by routing your data through the connected device. SSL/TLS, on the other hand, favors HTTPS connections. Any VPN traffic passing through these tunnels appears to be HTTPS, hence bypassing blocks.