I’ve gotten caught for torrenting, and now Binance won’t let me log in from the US, so I’m looking for a solid VPN.
Which VPN has a Kill-Switch that won’t fail?
(I’ve heard many stories that a Kill-Switch momentarily failed, I don’t want my Binance closed because of it, or getting a warning letter from my ISP for torrenting).
I run all my torrent stuff in a separate VM that uses WireGuard with Mullvad. Instead of firewall rules, my killswitch is achieved by setting up a static IP in the VM with no default gateway, which means that the VM does not know how to get anywhere off my network since it doesn’t know where the router is. Then I set up a static route to the IP address of the VPN server, meaning that the only place the VM knows how to get to without being connected to the VPN is the VPN server. If my VPN connection drops, the VM doesn’t know how to get back out to the Internet until the VPN reconnects since it doesn’t know where to route the traffic.
On my setup, the static IP and static route are all set in /etc/netplan/01-netcfg.yaml, which looks like this:

    network:
      version: 2
      renderer: networkd
      ethernets:
        eth0:
          link-local: []
          addresses: [192.168.0.150/24] # static ip
          dhcp4: false
          routes:
            - to: 1.2.3.4 # ip of vpn server
              via: 192.168.0.1

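One way to check that the routing-table kill-switch described in the comment above actually holds, as an added example that is not part of the original thread: it reads `ip -4 route show` output and flags any default or gatewayed route that bypasses the tunnel. The interface name `wg0` is an assumption, `1.2.3.4` is the placeholder server address from the netplan file, and the sample tables are constructed.

```sh
#!/bin/sh
# Added example: audit a routing table for the no-default-gateway kill-switch.
# On the VM: ip -4 route show | audit_routes 1.2.3.4 wg0
# wg0 is an assumed WireGuard interface name; 1.2.3.4 is the placeholder
# VPN server address from the netplan file above.

audit_routes() {
    awk -v vpn="$1" -v tun="$2" '
    BEGIN { bad = 0 }
    {
        dev = ""; via = ""
        for (i = 2; i < NF; i++) {
            if ($i == "dev") dev = $(i + 1)
            if ($i == "via") via = $(i + 1)
        }
        if (dev == tun) next    # routes through the tunnel are expected
        if ($1 == "default" || $1 == "0.0.0.0/0") {
            print "LEAK: default route outside tunnel: " $0; bad = 1; next
        }
        # Off the tunnel, only the VPN server may be reached via a gateway.
        if (via != "" && $1 != vpn && $1 != (vpn "/32")) {
            print "LEAK: extra gateway route: " $0; bad = 1
        }
    }
    END { exit bad }'
}

# Constructed sample tables (not captured from a real system).
SAMPLE_DOWN='192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.150
1.2.3.4 via 192.168.0.1 dev eth0 proto static'
SAMPLE_UP="$SAMPLE_DOWN
default dev wg0 scope link"
SAMPLE_LEAK="$SAMPLE_DOWN
default via 192.168.0.1 dev eth0 proto dhcp"

for name in SAMPLE_DOWN SAMPLE_UP SAMPLE_LEAK; do
    eval "table=\$$name"
    if printf '%s\n' "$table" | audit_routes 1.2.3.4 wg0; then
        echo "$name: only the VPN server is reachable off-tunnel"
    else
        echo "$name: kill-switch would not hold"
    fi
done
```

This only inspects the main IPv4 table; IPv6 routes and any policy-routing tables need the same check run against their own output.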
I run my clients that need a VPN on a separate VM that has no internet access whatsoever except the VPN port. That way if the VPN fails, the VM loses internet until I fix the VPN.
Out of curiosity, what is Binance’s issue with you torrenting?
Thanks for the response - I’d be using it more for logging into Binance, are there any tools for making sure Binance cannot see my original IP?
Fixed formatting.
Is that complicated to do? Do you run the VM on your computer, or an offsite VM in another country / location?
So in VirtualBox or VMware, you have to select only the VPN tun interface as the network connection? I haven’t used virtual machines but I remember hearing about that.
Use a proxy in your browser, especially if it’s an internal proxy that can only be reached when you’re connected to your VPN (which will act as a sort of Killswitch)
I have a dedicated VM system I run it on (along with Plex, *arr, etc VMs)
You don’t have to though, you could run it on your desktop system using VirtualBox, you just have to make sure it gets its own IP. (On desktop systems, VMs can share the desktop’s IP depending on the settings.)
And, of course, lots of testing to make sure it can’t escape to the internet when the VPN is off.
I block it at the router.
Block all outgoing on the VM’s IP and then another rule for 1190 (or whichever port for the VPN)
I’ve got a cron job that checks a simple ping from the VM out and emails me if the ping fails.
Thanks for this - any resources you’d recommend to get started with using a web proxy? I’d have to pay for both a browser proxy and Surfshark VPN then?
Binance won’t let US IPs log in to their site, I’m planning on getting Surfshark to log in from a European IP, but that would mean my proxy needs to also be in Europe, right?
Thanks for that reply. I’m semi-computer literate, do you know what I should google to figure out how to do this?
A lot of that went over my head, but if I want to do it at the VM software level, I should be able to make the VM only select the VPN tunnel of the host, right? That way, if the host drops the VPN tunnel and reconnects to the default gateway with the ISP IP address, the VM should have no ability to connect to the internet as the VPN tunnel has dropped?
My use case has my clients (torrent & usenet) inside a VM with OpenVPN.
The VM has its own internal IP and I set up my outgoing firewall rules on my router so the VM’s IP can only use the VPN’s port.
This could also be done inside the VM if you have control of the OS’s firewall.
I see, so you haven’t installed the OpenVPN client directly on the router, but you have a fixed VPN port that you bind to the VM and enforce that rule via the router.