Free VPN which works on FreeBSD

Using VPN on anything else than your router in 2026 is pretty crazy to be honest.
Got too many smart TVs that'd complain :p

I'd rather not use VPN server bandwidth for stuff that doesn't really matter, and I usually only do stuff that matters on 1 computer. If a VPN didn't have OpenVPN for practically easy-config any OS, I wouldn't consider it
 
Got too many smart TVs that'd complain :p

I'd rather not use VPN server bandwidth for stuff that doesn't really matter, and I usually only do stuff that matters on 1 computer. If a VPN didn't have OpenVPN for practically easy-config any OS, I wouldn't consider it
Thats what policy routing is for.
 
I use ssh -D to bind one of my ports to that of a remote host for inner net penetration and similar needs.
Besides,I used to use a VPN client called FlClash on GNU/Linux.It provides sources code,but I don't know if it compiles on FreeBSD.
 
It's crazy from your point of view, but if you use a VPN for practical reasons, such as geolocation or P2P, running it on a router is less flexible.
There is also the issue of updates, it's one of the reasons why I don't use OpenVPN on my router these days, it hasn't been updated in years. For outgoing connections installing on a router is technically feasible, just not generally a great idea unless you've got devices that outright can't be connected in some other way or you want to ensure that 100% of the traffic originating in the network goes over it.

As for the topic at hand, I certainly wouldn't go with a free VPN for so many different reasons, but rolling your own with a VPS and Wireguard, tailscale, OpenVPN or whatever other VPN software you care to use to exit through it is a potential option. Although if the site is being super picky about the IP's origin that can easily turn into a game of wac-a-mole.
 
I pay for the Proton services, I use them as web apps, OS agnostic. The VPN app isn't supported in FreeBSD.
Until recently ProtonVPN ran as an extension in, my case, Firefox, it stopped working.Switched to chromium. Proton extensions work.
New info for desktop users. The protonvpn extension now works, Firefox 152.0.4, FreeBSD 15.1-p1
 
vpngate, which uses openvpn among others, is free and uses random softether participant addresses, so it's not blacklisted all over the place like mullvad or nordvpn are. The exit nodes are unreliable though, so if you need long term connectivity, it won't do the trick for you
 
vpngate, which uses openvpn among others, is free and uses random softether participant addresses, so it's not blacklisted all over the place like mullvad or nordvpn are. The exit nodes are unreliable though, so if you need long term connectivity, it won't do the trick for you
There is no such thing as free vpn. Please stop.
 
Tor can kind of be used like a free VPN service. Just set up machine's firewall with it as a transparent proxy. Perhaps you can adapt some of the guide here.

Otherwise, rent a cheap private server on some cloud platform (azure, ibm, amazon). You can perhaps get down as low as £5 if you do Raspberry Pi rental at i.e MythicBeasts. Then use i.e SOCKS5h (ssh -D, dante) and setup as a transparent proxy.
 
Tor can kind of be used like a free VPN service. Just set up machine's firewall with it as a transparent proxy. Perhaps you can adapt some of the guide here.
You can, but many services on clear net block Tor. And there are tons of exit nodes owned by three letter agencies. Not to mention poor speeds and connection reliability. Using it as a proxy is pain when the node goes down. And to add insult to injury, Tor Browser was recently caught disabling user agent masking. So if you use it in FreeBSD or Linux, you will stand out.

If you are experienced user, buy vps and create your own vpn.
If you are noob, buy a comercial vpn.

Ignore these "free vpn" suggestions and dont be gullible.
 
If you are experienced user, buy vps and create your own vpn.
If you are noob, buy a comercial vpn.
All VPS providers are well known and their IP addresses are blacklisted these days. Also, you will struggle to find vps that aren't vastly more expensive then the vpn offers, with most vps having traffic limits on top of being more expensive.
So if you use it in FreeBSD or Linux, you will stand out.
The operating system you use is irrelevant. If you use a browser at all, you will stand out, as the primary web "consumers" these days are AI chatbots. So the only thing you navigate your browser to should be the site of your chatbot, and that only if it doesn't have a smartphone app.
 
All VPS providers are well known and their IP addresses are blacklisted these days. Also, you will struggle to find vps that aren't vastly more expensive then the vpn offers, with most vps having traffic limits on top of being more expensive.
That is absolutely not true. Im using several VPS servers, never had issue with either one of them. On top of that, i use paid VPN service that also has no issues for what i use. And even if what you said is 100% true, you should not use/visit websites that blacklist VPN/VPS. Simple as that. For legit services like banking, you can always do policy routing or split tunneling.
The operating system you use is irrelevant. If you use a browser at all, you will stand out, as the primary web "consumers" these days are AI chatbots. So the only thing you navigate your browser to should be the site of your chatbot, and that only if it doesn't have a smartphone app.
You are wrong again. You user agent can expose your operating system type. If you use FreeBSD, you are automatically narrowed down to a 0.02% of users on the internet. If you use Linux, you are narrowed down to, what, 5% of all the users. If your user agent reports Windows 10/11 you are in the 90% of the users on the net. There is a reason why Tor Project decided to remove user agent masking. You can also be identified by dns leaks, canvas fingerprinting, collection of installed fonts on your system and even with your graphic card by querying webgl parameters. I dont want to talk about smart phones because i dont use that. If you do, this conversation is over.
 
There is a reason why Tor Project decided to remove user agent masking. You can also be identified by dns leak
I do tend to experience the Tor symptom of "prove you aren't a bot" on i.e cloudflare due to blacklisting and traffic counting. However I find that if you specifically tailor your torrc to avoid common end-points (and also choose English speaking countries to avoid translating everything) you can mitigate some of the pain. ~60% reduced. That said, I rarely use busy websites that do that kind of checking.

Also, the trick is to not use the browser stuff at all but use the underlying tor daemon directly on your gateway to create a transparent proxy or a SOCKS5h service that the internal computers need to use or they simply can't connect externally. This eliminates DNS leaks.

In short, behind my gateway there is no DNS at all, you have to go through SOCKS5h to tor. This also has the side effect that Windows workstations don't sh*t on themselves with broken updates because only firefox knows the proxy host, the rest of Windows doesn't.
 
I do tend to experience the Tor symptom of "prove you aren't a bot" on i.e cloudflare due to blacklisting and traffic counting. However I find that if you specifically tailor your torrc to avoid common end-points (and also choose English speaking countries to avoid translating everything) you can mitigate some of the pain. ~60% reduced. That said, I rarely use busy websites that do that kind of checking.
Its still not set it and forget it solution.
Also, the trick is to not use the browser stuff at all but use the underlying tor daemon directly on your gateway to create a transparent proxy or a SOCKS5h service that the internal computers need to use or they simply can't connect externally. This eliminates DNS leaks.
I know what you are saying. But this is far beyond something that average Joe can setup properly. Or even willing to do.
In short, behind my gateway there is no DNS at all, you have to go through SOCKS5h to tor. This also has the side effect that Windows workstations don't sh*t on themselves with broken updates because only firefox knows the proxy host, the rest of Windows doesn't.
No microsoft in my life.
 
Its still not set it and forget it solution.
[...]
this is far beyond something that average Joe can setup properly. Or even willing to do.
Absolutely. Average Joe wouldn't even be on these forums to read my suggestion.

No microsoft in my life.
Heh, its more so I don't need to fix the wife's/kid's/dog's/rabbit's Windows laptops when the crap hits the fan. Android and Apple offerings also benefit from this kind of isolation too.
 
This forum is full of average Joes. Just take a look at this thread. People are recommending so called "free vpns" and they are arguing in favor of it. Im not an expert in this area, but my god...
 
Otherwise, rent a cheap private server on some cloud platform (azure, ibm, amazon). You can perhaps get down as low as £5 if you do Raspberry Pi rental at i.e MythicBeasts. Then use i.e SOCKS5h (ssh -D, dante) and setup as a transparent proxy.

I find that the usual server renting places are usually blocked by geo-enforcing websites. Amazon EC2 Frankfurt for example is useless for those purposes.
 
I got a VM in Italy which I use as a NAT router for watching Italian TV. There's an IPSec tunnel from my Linux Raspi home router to that VM, and I'm using a routing policy for sending certain kinds of traffic to Italy on demand. nft sets come in very handy for that. You just add an internal IP to the set (tablet, smart TV), remove it when you're done watching, and that's it.
 
I wondered if get_iplayer might be of use, but according to this faq entry, it appears not.
 
Back
Top