FINALLY! The VPN Configuration I've Been Looking For!
HTML-код
- Опубликовано: 29 май 2024
- After a long search, I found the combo of privacy tools that perfectly compliment each other! VPN, DNS, firewalls, and more!
➡️ NextDNS Kickback Link: nextdns.io/?from=5v4be7mt
➡️ NextDNS Standard Link: nextdns.io/
Join our form: discuss.techlore.tech
More questions? Confused? Be sure to watch the deeper dive into this video that covers a few mistakes I made, and where I add more information around this workflow: • My Even DEEPER Dive in...
🔐 Our Website: techlore.tech
🕵 Go Incognito Course - to learn about privacy: techlore.tech/goincognito
🏫 Techlore Coaching - to get direct support: techlore.tech/coaching
💻 Techlore Forum - to connect with other advocates: discuss.techlore.tech
🦣 Mastodon - to stay updated: social.lol/@techlore
We cannot provide our content without our Patrons, huge thanks to:
BRIGHTSIDE, Clark, Ente, Larry, Afonso, Boori, Brad, Casper, Cookie, Floyd, JohnnyO, kevin, love your content, NotSure, Poaclu, x
🧡 Join them on Patreon: / techlore
💚 To see our production gear, privacy tools we use, and other affiliates: techlore.tech/affiliates
💖 All Techlore Support Methods: techlore.tech/support
00:00 Introduction
00:23 Our Sponsor (ourselves!)
01:15 Quick recap of VPNs
01:52 Quick recap of DNS
02:11 How VPNs protect DNS
03:16 My journey for something better
06:51 Where my journey led
09:45 But WAIT, there's more
11:15 Other options
12:11 Final words
#VPN #NextDNS #techlore - Наука
More questions? Confused? Be sure to watch the deeper dive into this video that covers a few mistakes I made, and where I add more information around this workflow: ruclips.net/video/py9RtY2fYaA/видео.html
You misspelled natively on 7:08
VyprVPN supports custom DNS as well
control-d from windscribe is also pretty neat
Let's go ahead guys and annoy Proton for enabling custom DNS support!!!
Yep, Ill smash them on twitter
Soon ™
Great. Proton keeps my data away from US sovereignty, which is great for privacy because the US is one of the least privacy-respecting nations on earth. My bottom line is to ensure any personal data I want to keep private do not go near US platforms or territory. So, I too would encourage Proton and other non-US providers to match what is available from the likes of IVPN. I’d love to see better non-US providers of anonymous VOIP with SMS equivalent for 2FA as well. There is still quite a gap in the non-US market for this.
You're a champ, Henry! Thank you for sharing this. I've spent the last couple years struggling with balancing these two tools since any VPN I used made my custom Pi-Hole blocklists completely useless, and there simply are not good firewall options for each of my various devices that allow DNS blocking instead of blocking on a per-app basis. I never wanted to pay for a VPN (I use ProtonVPN, which does have custom DNS but only on Windows) because of this issue and how infrequently I used them, but this actually makes it practical to use them exponentially more now and reap the benefits while still enjoying all the custom domain blocking I want.
Much appreciated, keep up the great work!
I have been using Windscribe and Control D for a few months now (before this video) and I really enjoy it. I like the stats that Control D gives me. 🙂
That worked great and I was about to give up but IVPN & NextDNS works perfectly. Thank you very much.
I definitely love this channel!
This is awesome bro, big thanks.
Keep it up 👍🏿
This is awesome, I thought about it a bit and I'm gonna switch to IVPN from Proton now
Thanks, I've been looking for this since I moved to iOS!
Mullvad user here, doesn't Mullvad on Android and desktop (idk about iOS) natively support a DNS of the user's choice as long as they put it in like an IP address in the app?
Good job Hank!
Great tutorial thank you it was very useful
Thanks!
AdGuard has its own DNS service btw and lets you load exactly those custom Blocklists that you mention. I am using it everyday, also to block first level to telemetry.
Is it safe as Adguard is a Russian company?
please do videos on NextDns and/or Control D
I am currently working on setting up Clash with VPNs and thinking of which DNS solution to go with. So I might just end up using NextDNS, that introduction of features was very convincing. OpenWrt also seems to natively have it in it's repositories, which is a big plus. But, say I run NextDNS on my local network, can I copy that very config to my phone - automatically, perhaps - and take it with me when I am not at home? My first thought would go to using Syncthing, but I know too little about NextDNS on phones...
What does NextDNS provide not available through Quad9 or my own DNS server? What's so magical about about the IVPN+NextDNS instead of Mulvad+(any Custom Dns I specify) ?
How is this better than Pihole + OpenVPN ?
Where's the magic, the silver bullet? What am I missing?
for max security I think this would be an interesting idea to attempt.. though realistically probably too slow to use.
TL;DR: [l-fw -> trk-prt-brws -> {slf-hst-dns-fltr -> cache-server ->} n-fw -> VPN + DNSSEC{-> VPN/Proxy/TOR ^#}]
local-firewall -> browser -> pi-hole or adguard -> cache-server[hey if you don't have to access it again in person...] -> network-firewall -> VPN + DNSSEC[nextdns] -> another VPN -> TOR -> site [this is using a VPN then another and then using the tor browser fyi]
Hope you have a great day & Safe Travels!
This very same issue bugs me on Windows every day. For instance, I want to communicate with my NAS via hostname, from loading it in a web browser or via s shared drive. When on my VPN, I can't since the DNS goes to the VPN. Currently using Proton. I hope one day providers can implement some safe way to add custom DNS queries. My Proton subscription ends in July so maybe I jump ship to IVPN this year.
you could use a Proton's VPN profile for wireguard, and change the DNS in the wireguard profile for the client. Downside is that each profile for wireguard only connect to the server you set up
I personally self host wireguard and adguard home dns (so it blocks ads) on a 1$/month vps. It works very well I have a web interface for the vpn and the dns behind authelia, so one account for both. And just like that I can have as much devices as I want and a 100% trustable vpn.
Found you randomly on RUclips. Watched for the articulate, well researched and informed content, (but forgive me) stay for the hot AF guy speaking.
ultimate setup is to have a pfsense firewall connecting to a VPN so the whole network is secure, plus installing Adguard home so you have all the control over your DNS queries plus the option to encrypt them
how does this compare to those of us using adguard on a raspberrypi or pihole? This is free
what about our speed trafic after this ? does it goes slower a bit ? that seems like 3 layers more for our privacy
I have a similar setup on my Android phone but with Mullvad VPN and Adguard DNS instead. However Mullvad does not support DOH or DOT...
@Tecklore First, thanks for your channel and content. It is definitely top notch. I subscribed a while ago, but totally forgot. Now I rediscovered it and, as a total newbie, am watching and learning from your incredibly interesting and well presented material.
I have a quick, stupid question from a newbie, if I may. Is it safe to use a VPN over TOR? If yes, how could I find that info or video? I've searched a lot about this but, for me, it is very confusing. Some say "yes, use it like this and that" (very confusing again), some say never do it.
Thanks again for this channel. It's just awesome!
Hey there & thanks for your question! Unfortunately, due to time constraints we are unable to answer technical questions in the comments. We have a forum (recommended) & a Discord server for you to get help from our communities. Otherwise there are many great privacy-focused public Matrix communities!
Forum: discuss.techlore.tech/
Discord: discord.techlore.tech/
hi, I was searching for the same question like for a month. Did you find anything? I heard that I need to use wireguard. then when you connect tor browser, I can use mullvad vpn over tor, with the help of wireguard. anyways did you find anything useful? if you find, it would be cool if you can share it
@@techlore , can't you guys make a tutorial video about how to use VPN over TOR? Because there is literally no video about how to do this on the web. So when someone searches for it, they will see your video directly, so you guys can earn new subscribers. The reason I want to use VPN over TOR is:
the site I'm going to abuse will not know the fact that I am using Tor. So when they sue me, the site will give the VPN's IP adress to goverment. So the government will need to ask for logs from the VPN service to find out I'm using TOR, and they probably won't have any logs in their hands because months will be pass since the abuse. Also I will do the operations by connecting to a public wifi from a laptop that i have never used in my house before and does not belong to me.
Anyways it would be great if you guys can make a tutorial about it because i have zero software/programming knowledge
I have a question. VPN offers privacy, but if you use a unique DoH URL, will you still have this privacy? Or will it be possible to identify you based on this unique URL?
That's the thing I'm wondering too. The benefit of a VPN's DNS is everyone using the VPN goes through it too so your traffic is still hidden but if you're using a custom DNS then that's something that makes your traffic stand out.
I know sites can for some reason see who your DNS provider is, but I don't understand how their able to get that data. If DNS is suppose to tell your computer what IP owns a domain, how exactly is the IP (service) get to figure out who your DNS provider is?
it's awesome but how the latency is effected?
because I know from personal experience DOH sometimes effects latency
ok proton doesnt have custom dns on android or ios as far as im aware but it is available on windows which is kinda weird why its not on their other clients
No, not an option as far as I know. Someone can correct if this isn't the case. -H
We can have custom DNS for IPv4 in the ProtonVPN Windows app and we have had this option for quite a long while.
I use mullvadvpn and quad9 so how does nextdns compare to quad9?
It seems that if you have an Android phone and you configure next DNS inside of the phone's settings you can run proton VPN while still having everything go through next DNS. I did this and I've been using DNS checking sites to see if it worked and so far it has.
Can this be configured on the router level in your home?
I have Pi-hole on a raspberry that configured as a network-wide openVPN to Proton, so all my home devices get the benefit of DNS ad blocking, and Proton without device limits. This doesn't really fix mobiles when away from the network (though I do have openVPN back to my home network, I don't think this covers when using mobile data.) . I think this achieves pretty much the same thing and give me extra flexibility for my own blocklists.
I believe this is what I'm trying to achieve with my network... If possible I could use the help setting this up.
Why is DNS required with Windscribe VPN, when Robert feature is integrated inside the VPN already? I don't see enough benefits in using a DNS with my current VPN provider (Windscribe).
I am looking for a way to get Moneros as easy as possible. Any hints?
How does NextDNS compare with CONTROL D (windscribes over product) ?
Mullvad supports custom DNS setups on Android and other OSs through its client.
Wouldnt be nextdns another point of failure? What if the government wants connection data for this dns query, nextdns surely has not that privacy levels of vpns right?
Yaaaay, you uploaded again 📈📈📈
Some VPN providers have a tool to generate a Wireguard config file for use with third-party clients. Just put your custom DNS IP in that.
How can you trust a company based in the USA? Doesn't that go against being private in general?
hey, can you please link the video that you show how to delete old, unused accounts ? i can't find it
Curious to hear your thoughts on Quad9 vs NextDNS
Probably NextDNS is better because you cannot customize Quad9
@@julianocc This is true, I'm thinking more of a privacy standpoint. I think Quad9 is likely a bit better in that regard.
if your router only supports ipv4 & you are on linux with kde & you followed the linked ip version of the guide try to reboot that fixed it for me
Anonymized DNSCrypt for the win
Been running GlassWire + NextDNS on my PC and NetGuard + NextDNS on my Androids for years.
Nice
That's intesrestn, although, now all your DNS queries are logged under your email instead of just your IP. Do they accept Monero, there's no way of checking that unless I create an account, which I don't want to.
Great content!!!! I have a question: by doing what you discover as a "perfect" way for you to do custom DNS throught VPN, I have a sincere question... Doesn't thisd make you more "unique"? I mean, VPN are sometimes used for not beeing able to singularize (I do not know if this word exists) you, meaning you and a bunch of people use the same IP for the VPN server. By doing this unique configuration doesn't it make you more easy to spot on, when dealing with all the IVPN users? It's a sincere question and maybe I am confusing something... Thanks anyway and sorry if this does not make any sense to you....
Same q that I have. Does ivpn make you anonymous while using next to dns?
You didn't talk about config with Android. I use myst vpn and wondering what DNS will work with it
Ivpn is the best. It's expensive as fudge, but I love Ivpn.
But I can't use net guard to block apps with vpn right un android since net guard uses vpn settings?
Yes this was an oversight on my end for this video, the 'layering' doesn't apply to Android as well, unless your ROM natively supports these features. (CalyxOS/iodêOS) -H
nice
What about safing‘s spn 🤔
What about using quad9?
Why not use Mullvad adblocking feature?
Strangely ivpn is down at the moment and I am unable to sign up
Doesn't it make fingerprinting easier in some cases?
Do you expose yourself by using next dns? Or does ivpn make you anonymous?
What about rethink dns
Mullvad + NextDNS FTW.
is NextDNS opensource?
Yes.
Proton has custom DNS on windows, it's the last option under the conection tab
Not for mobile tho
kinda just wish IVPN supported unlimited devices :(
Quad9 vs. Next DNS..which one is better
I like quad9 because they are based in Switzerland which means awesome privacy laws.
What about Orbot?
Based
i guess it's all apple's problem. i've been able to use any vpn client + nextdns for the last couple of years without any problem on my windows laptop and android phone. on android i simply use the built-in custom dns settings, while on windows i'm using yogadns. any vpn i'm using will use the nextdns and so far there's no leak.
You cute little security nerd you now I’m enthusiastic about something I didn’t know I cared about
Can NextDNS block RUclips Ads on mobile?
if I understand correctly, blocking all youtube ads via dns is quite hard since youtube uses same domain names for the actual videos and ads. Libretube is a great option that also includes sponsorblock or a mobile chrome browser like kiwi that can add desktop browser extensions like ublock origin.
Mullvad got custom dns on all clients i Think
use RPI to merge everything together
what is rpi ?
@@xugo91 raspberry pi
Ever heard of Naomi Brockwell?
Is Next DNS 300000 queries enough for month?
Most likely. Just depends on how many devices u connect to it and how often u use each device
Anti-Tracker mode must be disabled for this to work
just a heads-up for anyone wanting to try this
Thanks, but I'll just use Adguard with my own VPN service provider.
It's all about your own journey! - S
fresh tomato haves DoH already on their firmware routers.
👍
Proton worked fine for me before watching this video.
ROTFLMAO
NextDNS: "We don't keep logs"
4:34 "Oh really"
Meanwhile, Android simply overwrites whatever DNS your VPN uses lol
With all these turned on… how slow is your connections then? Dial up 9600 baud speed? Lol
How do we know that Proton VPN and/or IVPN are not honeypots? It all boils down to gut instinct and trust, no? It's 100-percent trust.
so...the Conspiracy Fly on Family Guy was right this whole time?
dope
You could just change the DNS settings on your phone settings and connect to proton VPN.
👏💻👏🏆
Windows ProtonVPN app has custom DNS for IPV4 where we can set NextDNS, I'm using this configuration for a long time now.
I'm also using Android app for ProtonVPN and NextDNS because in Android the custom DNS takes preference over everything so you can use ProtonVPN for VPN while the DNS queries are still routed through the Android OS and the custom DNS you've set there.
IMO this video isn't upto your usual standard of content in this channel and I hope the content quality doesn't plummet like this, I'm sorry to say this was poorly researched and didn't account at all for all OSes. Also NextDNS has been out there for years, I'm glad it gets mentioned atleast now.
Mullvad don't support DoH 😣
No te entendí muy bien, mi amor...
It’s cause adguard is garbage, slow af, cloud based
way toooo many words...
Ok, that gay pink T-shirt has to go 😁