That’s an interesting set of requirements. Firstly monthly is obviously the most expensive option, you can pay for a lifetime sub with several providers vs. what you’ll pay for 12 months on a monthly with many. Also if you pay yearly, one lot of conversion charges (your bank actually charge separately for this? Most just load a less favourable rate and take a margin). Why specifically do you want a static IP from a VPN provider? You’d route services via your normal IP usually or use a domain/CDN, static doesn’t make a lot of sense unless I’m missing something?
*** VPN Thread ***
- Thread starter kPATm
- Start date
That’s an interesting set of requirements. Firstly monthly is obviously the most expensive option, you can pay for a lifetime sub with several providers vs. what you’ll pay for 12 months on a monthly with many. Also if you pay yearly, one lot of conversion charges (your bank actually charge separately for this? Most just load a less favourable rate and take a margin). Why specifically do you want a static IP from a VPN provider? You’d route services via your normal IP usually or use a domain/CDN, static doesn’t make a lot of sense unless I’m missing something?
A static IP for a VPN allows you to map open ports to a torrent client, as one example. Gitracer, if you really do need a static IP then AzireVPN (10Gbps servers, static IP over OpenVPN) or TunSafe (12 Euro donation to the project gives you a static IP over WireGuard for 6 months. Server access is currently free).
Caporegime
You don't need a static IP, the provider just needs to support port forwarding, PIA has certain servers that allow it, you get assigned a random port.
Yeah I do know that, I was just answering Avalon about possible reasons to be asking for a static IP. PIA only forward one port; AirVPN let you forward dozens, some providers won't forward ports at all. I like Azire's approach personally. They don't forward ports but if you do want anything custom like that you can just select to grab a public IP instead of NAT for that session. That way all your ports are available and it's up to you to set it up (and secure it) how you wish.
There are other uses for a static IP over VPN that a port foward won't work for, as well. For example my mate has issues atm and only has a RasPi3. I set him up a Windows 10 VM and connected it to a static IP over a WireGuard tunnel so he could remote directly into it using $(VPN_IP):3389. That connection was invisible to my network (i.e. bypassed it) and meant I didn't need to mess around with forwarding ports etc to the VM. Easy.
I've been with Nord for about a year now, and am slowly seeing performance problems become more common. I'm connected to UK servers and in the evenings I see my speeds drop. In the day, i'll max out my 70mbit connection, in the evenings I've seen as low as 18mbit. If I try 6 or 7 different servers at random I'll eventually find one that's fast but it's a bit of a pain! Anyone else seen a similar problem? I'm connected via OpenVPN effectively at my router. Unfortunately it seems to be a popularity issue, NordVPN get more customers faster than they add servers.
Which router? I ask as very few consumer routers can manage anything like 70mbit via OpenVPN, without hardware acceleration or a real CPU with AES acceleration and high single core clock speed it's a big ask (openVPN isn't multi threaded). Now of course if you tell me you have two of those TR cores devoted to a VM running pfsense or similar i'll shut up and blame Nord
Which router? I ask as very few consumer routers can manage anything like 70mbit via OpenVPN, without hardware acceleration or a real CPU with AES acceleration and high single core clock speed it's a big ask (openVPN isn't multi threaded). Now of course if you tell me you have two of those TR cores devoted to a VM running pfsense or similar i'll shut up and blame Nord
I said "effectively at my router" because my setup is kind of weird and didn't want to get into details. But I have the following:
ISP router -> fanless mini-pc with a i7 5557u running OpenVPN + iptables on CentOS -> Asus AC3200 -> Rest of network.
The i7 5557u doesn't break a sweat with 70mbit.
edit: wrong mini-pc, the i7 8650u is running my tv
Last edited:
Does your mini pc switch servers automatically?
If not then it’s just luck if the server you connect to doesn’t get filled up with users like you that don’t switch and are connected 24/7.
Seems to be the main advantage of running the app locally as it picks the best server each time you wake your pc.
When I run the local app it’s rare I am in a server with greater than 10% of its capacity used.
If not then it’s just luck if the server you connect to doesn’t get filled up with users like you that don’t switch and are connected 24/7.
Seems to be the main advantage of running the app locally as it picks the best server each time you wake your pc.
When I run the local app it’s rare I am in a server with greater than 10% of its capacity used.
Associate
- Joined
- 30 Dec 2018
- Posts
- 17
Just been searching through for a VPN, stumbled across this post - anybody confirm nord is the "go-to" at the moment or is there anything else i should take a look at?
We'll need a fair bit more than that to help you properly. What's your use-case? What is your intended deployment (router, per-device?)? Are you looking for WireGuard, OpenVPN, IKEv2, Psyphon, ShadowSOCKS, just SOCKS5 or something else? What's the spec of the main device(s) you want to run the VPN on? What's your internet connection speed? What's your budget?
Indeed, needs can be quite specific
There's some providers who specifically market VPN circumvention protocols (either proprietary or based on non-standard ports, or both, or both and more!) but don't offer some other useful features.
I was previously a VyprVPN customer - currently I'm both currently a Nord and TorGuard customer for one specific reason: Nord don't provide any portforwarding facilities and have no plans to despite previously saying it was forthcoming. You can torrent (and fast) through Nord, and as long as you want to only use public trackers with DHT and Peer Exchange, you'll be fine - seeding on (and in some cases, downloading from) private trackers is impossible. TorGuard's port forwarding is a bit fiddly to set up but works.
Protocols-wise, Nord, VyprVPN, PIA, TorGuard, ExpressVPN, AirVPN etc offer broadly the same feature set.
Directly comparing Nord and TorGuard, there's some differences:
1/
NordVPN offers SOCKS proxy and VPN as part of one subscription; TorGuard sells VPN and proxy products separately. You can buy them as a bundle for 40% off, or buy each individually with a 50% off code and save a bit more, and it becomes the same price as the 3-year-for-$99 NordVPN offer at that point (mad but true).
Nord offers OpenVPN, IKEv2/IPSec, SOCKS5, and CyberSEC DNS adblocking/privacy stuff. They discontinued L2TP and PPTP on December 1st 2018 to the displeasure of a fair few users!
TorGuard offers OpenVPN, L2TP/IPSec, PPTP and OpenConnect (an open version of Cisco AnyConnect - which they dub their 'Stealth' VPN product).
Both providers have guides on their site for setting up the protocols on different devices. Nord's looks bit slicker but fundamentally all the info is there for both.
2/
Nord appear to have more servers in a few key countries (US, UK, Germany etc). TorGuard seems slightly biased towards US customers given the add-on features and "gigabit premium network" which, for an extra cost, gives faster backbone access for superfast broadband - but only on US servers. Nord is open about their server lists and server naming. Some categories of servers are for different purposes - P2P, Tor, double-proxy etc.
TorGuard have a list on their 'Network' page showing server clusters by country for their main protocols, however server IPs are hidden behind DNS load balancing. If you want to find a specific server and manually use that as a 'custom' server - which is required for port forwarding - prepare to do a couple of dozen rounds of speed tests with multiple reconnects inbetween finding new unique server IPs. I've only managed to find one UK server so far after 30+ tests which gives me over 300 mbit/sec upstream, the downstream is always much slower than NordVPN (pretty much guarantee any UK server peered to IX North will give me >400 mbit/sec).
Latency is good on both networks. I don't bother to disconnect when gaming. TorGuard actually shouts about their VPN network decreasing overall latency in some cases due to how they've peered. That may be so but I've not thoroughly tested.
3/
Peering and physical VPN server locations are noteworthy. I'm on a very fast connection, easily capable of maxing out these VPN servers, so it's interesting to see how speeds differ. I suspect Tor have fewer unique servers (in the UK at least) which are more loaded than Nord. If not that, Nord are perhaps better at more efficiently implementing aspects of the VPN server side - or they just buy more powerful servers/pay for better peering/have fewer UK customers/are using voodoo.
I have noticed that they have lots of servers in Manchester and the North of England as well as London, which is great as my ISP's peering is lots better to LINX Manchester than it is London.
Nord appear to be a big M247 customer; TorGuard are a big UK2 customer.
4/
NordVPN have some clever reverse-proxying and DNS techniques going on, transparent to their users - but means you can use a few key territory Netflixes, iPlayer etc (via certain groups of servers which they list in their knowledgebase) without any other tweaks. TorGuard specifically do not offer this unless you pay extra each month for a residential IP, which considerably bumps up the price.
5/
Nord Android app is slicker than TorGuard. TorGuard desktop app has some useful functionality but it's a bit more crudely designed, however there's plenty of customisation and flexibility regarding port selection, protocol choice and even encryption level right within the app. (caveat: some of their OpenVPN configuration is reportedly a bit borked, see their forums for further discussion on crypto negotiation...)
Nord desktop app is now very noob-friendly but you can still use older version as long as you don't mind dismissing the upgrade nag screen. (VyprVPN's Android app was also quite slick but the service was a little slow overall for me when I was a customer (2017-18).)
6/
Nord, as TorGuard, and most of the big providers, support PPTP, OpenVPN, L2TP and other protocols which means should you wish to VPN at a router level, most router firmwares which ship with a VPN client baked in should work fine. I've had success with AsusWRT-Merlin running on NordVPN previously, not got that router set up on the new connection yet however so haven't tested TorGuard, however it should be identical process to use on that. Certainly offer the ports, protocols and even have an .ovpn generator on their site. (Nord's ovpn files and certificate key pairs are buried in documentation links, and some were moderately hard to find). Had weird problems with a few UK NordVPN servers totally refusing to handshake on OpenVPN for no apparent reason, even support weren't sure why.
7/
Support from both TorGuard and Nord has been pretty good. TorGuard prefer ticketing system; Nord do email. Response times and helpfulness about equal.
8/
Nord have apparently demonstrated (via pwc audit, and a couple of test court cases) that they're zero log. Company registered in Panama but they operate out of Cyprus I think. TorGuard proclaim to be similarly strict zero logging but they of course store customer info, as will Nord. You can pay through PayPal and avoid a fraud check (as PayPal will do it) - or pay by crypto and it's not done as you don't have to share any info.
https://thebestvpn.com/118-vpns-logging-policy/ has a list of over 100 VPN providers and their policies, compiled last March, I don't think much has changed.
I think it's most important to judiciously trial any VPN provider, and read beyond the usual crop of 'VPN recommendation sites', many of which make bank from referrals and paid promos. Read user forums, track performance over time as related by customers, etc. Do trials of several at once if practical, where the providers offer a trial period, as you might find one provider gives you stunning performance with your ISP and others fall short.
I wouldn't rush to join PIA, I've read reports of contention and poor configuration recently from user forums. However, of course, user forums are mostly full of complainers
and I've never tried PIA myself.Feel free to hit me up if you have any other queries, and there's bound to be loads of customers of various providers on here...
NB some VPN companies are just whitelabelled resellers - e.g. Ghost Path who are a SlickVPN reseller, and their customer service and network performance is apparently not stellar.
Last edited:
Associate
- Joined
- 30 Dec 2018
- Posts
- 17
Im pretty sure you DONT need all that info to give me advice on which is a decent VPN to use at the moment...
Caporegime
Been using PIA for the last week for torrenting and found out that you can get US Netlflx too which was a nice bonus.
No issues with speed via the French servers.
No issues with speed via the French servers.
Nonsense. If he wants WireGuard that rules out most of the 'big' multinationals. If he wants 10Gbps servers, that rules out 90% of providers. If he wants AES-xxx-GCM that likewise narrows the field. What's the threat model? If we need to recommend outside the 3/5/10/14 eyes that further reduces recommendations. Is it to run on an iPhone or a Core i7 x86 router? Does he need access to US Netflix, or just to torrent his Linux ISOs in peace? Is port forwarding or a public IP necessary? Obfuscation (eg China)?
Just saying "Ye m8, XYZ are decent" will only lead to tears.
Edit: Just realised 'he' is you. My bad. Still, as I said it's pretty impossible to give you a sensible suggestion until we know what your threat model is, and how you intend to run it. Else I could recommend you something entirely useless.
Edit 2 because I'm bored: The longer I think about this the funnier it gets. "Spec me a VPN, but I won't tell you what kind I want, what I need it to do, how fast I need it to be, what device I need it to work on or how much I want to spend... Go go go...". PMSL Good luck with that!
Last edited:
Associate
- Joined
- 30 Dec 2018
- Posts
- 17
I want it for the obvious reasons, privacy/torrents/IPTV/running netflix an the like based out of other countrys.. It will run on an I7 msi and if its capable on my android devices.
Associate
- Joined
- 30 Dec 2018
- Posts
- 17
Anybody? cheers
Associate
- Joined
- 30 Dec 2018
- Posts
- 17
Indeed, needs can be quite specific
There's some providers who specifically market VPN circumvention protocols (either proprietary or based on non-standard ports, or both, or both and more!) but don't offer some other useful features.
I was previously a VyprVPN customer - currently I'm both currently a Nord and TorGuard customer for one specific reason: Nord don't provide any portforwarding facilities and have no plans to despite previously saying it was forthcoming. You can torrent (and fast) through Nord, and as long as you want to only use public trackers with DHT and Peer Exchange, you'll be fine - seeding on (and in some cases, downloading from) private trackers is impossible. TorGuard's port forwarding is a bit fiddly to set up but works.
Protocols-wise, Nord, VyprVPN, PIA, TorGuard, ExpressVPN, AirVPN etc offer broadly the same feature set.
Directly comparing Nord and TorGuard, there's some differences:
1/
NordVPN offers SOCKS proxy and VPN as part of one subscription; TorGuard sells VPN and proxy products separately. You can buy them as a bundle for 40% off, or buy each individually with a 50% off code and save a bit more, and it becomes the same price as the 3-year-for-$99 NordVPN offer at that point (mad but true).
Nord offers OpenVPN, IKEv2/IPSec, SOCKS5, and CyberSEC DNS adblocking/privacy stuff. They discontinued L2TP and PPTP on December 1st 2018 to the displeasure of a fair few users!
TorGuard offers OpenVPN, L2TP/IPSec, PPTP and OpenConnect (an open version of Cisco AnyConnect - which they dub their 'Stealth' VPN product).
Both providers have guides on their site for setting up the protocols on different devices. Nord's looks bit slicker but fundamentally all the info is there for both.
2/
Nord appear to have more servers in a few key countries (US, UK, Germany etc). TorGuard seems slightly biased towards US customers given the add-on features and "gigabit premium network" which, for an extra cost, gives faster backbone access for superfast broadband - but only on US servers. Nord is open about their server lists and server naming. Some categories of servers are for different purposes - P2P, Tor, double-proxy etc.
TorGuard have a list on their 'Network' page showing server clusters by country for their main protocols, however server IPs are hidden behind DNS load balancing. If you want to find a specific server and manually use that as a 'custom' server - which is required for port forwarding - prepare to do a couple of dozen rounds of speed tests with multiple reconnects inbetween finding new unique server IPs. I've only managed to find one UK server so far after 30+ tests which gives me over 300 mbit/sec upstream, the downstream is always much slower than NordVPN (pretty much guarantee any UK server peered to IX North will give me >400 mbit/sec).
Latency is good on both networks. I don't bother to disconnect when gaming. TorGuard actually shouts about their VPN network decreasing overall latency in some cases due to how they've peered. That may be so but I've not thoroughly tested.
3/
Peering and physical VPN server locations are noteworthy. I'm on a very fast connection, easily capable of maxing out these VPN servers, so it's interesting to see how speeds differ. I suspect Tor have fewer unique servers (in the UK at least) which are more loaded than Nord. If not that, Nord are perhaps better at more efficiently implementing aspects of the VPN server side - or they just buy more powerful servers/pay for better peering/have fewer UK customers/are using voodoo.
I have noticed that they have lots of servers in Manchester and the North of England as well as London, which is great as my ISP's peering is lots better to LINX Manchester than it is London.
Nord appear to be a big M247 customer; TorGuard are a big UK2 customer.
4/
NordVPN have some clever reverse-proxying and DNS techniques going on, transparent to their users - but means you can use a few key territory Netflixes, iPlayer etc (via certain groups of servers which they list in their knowledgebase) without any other tweaks. TorGuard specifically do not offer this unless you pay extra each month for a residential IP, which considerably bumps up the price.
5/
Nord Android app is slicker than TorGuard. TorGuard desktop app has some useful functionality but it's a bit more crudely designed, however there's plenty of customisation and flexibility regarding port selection, protocol choice and even encryption level right within the app. (caveat: some of their OpenVPN configuration is reportedly a bit borked, see their forums for further discussion on crypto negotiation...)
Nord desktop app is now very noob-friendly but you can still use older version as long as you don't mind dismissing the upgrade nag screen. (VyprVPN's Android app was also quite slick but the service was a little slow overall for me when I was a customer (2017-18).)
6/
Nord, as TorGuard, and most of the big providers, support PPTP, OpenVPN, L2TP and other protocols which means should you wish to VPN at a router level, most router firmwares which ship with a VPN client baked in should work fine. I've had success with AsusWRT-Merlin running on NordVPN previously, not got that router set up on the new connection yet however so haven't tested TorGuard, however it should be identical process to use on that. Certainly offer the ports, protocols and even have an .ovpn generator on their site. (Nord's ovpn files and certificate key pairs are buried in documentation links, and some were moderately hard to find). Had weird problems with a few UK NordVPN servers totally refusing to handshake on OpenVPN for no apparent reason, even support weren't sure why.
7/
Support from both TorGuard and Nord has been pretty good. TorGuard prefer ticketing system; Nord do email. Response times and helpfulness about equal.
8/
Nord have apparently demonstrated (via pwc audit, and a couple of test court cases) that they're zero log. Company registered in Panama but they operate out of Cyprus I think. TorGuard proclaim to be similarly strict zero logging but they of course store customer info, as will Nord. You can pay through PayPal and avoid a fraud check (as PayPal will do it) - or pay by crypto and it's not done as you don't have to share any info.
https://thebestvpn.com/118-vpns-logging-policy/ has a list of over 100 VPN providers and their policies, compiled last March, I don't think much has changed.
I think it's most important to judiciously trial any VPN provider, and read beyond the usual crop of 'VPN recommendation sites', many of which make bank from referrals and paid promos. Read user forums, track performance over time as related by customers, etc. Do trials of several at once if practical, where the providers offer a trial period, as you might find one provider gives you stunning performance with your ISP and others fall short.
I wouldn't rush to join PIA, I've read reports of contention and poor configuration recently from user forums. However, of course, user forums are mostly full of complainers
Feel free to hit me up if you have any other queries, and there's bound to be loads of customers of various providers on here...
NB some VPN companies are just whitelabelled resellers - e.g. Ghost Path who are a SlickVPN reseller, and their customer service and network performance is apparently not stellar.
Thanks very much for the detailed reply - literally the only thing putting me off NORD right now is the few people complaining about the slow speeds they are getting through it?
If you need Netflix access your choices are already very limited. If you want to torrent reliably, more so. I'd recommend AirVPN in your case. They still support Netflix according to their forum (I haven't used them for a few months but had a five year sub, I only moved due to WireGuard support elsewhere), and they have the best port forwarding in the business. You can forward many ports with them, and they also support rDNS. Fast servers, decent support, nice forum. They only support OpenVPN but that will work just fine on your i7 rig and your Android device.
TorGuard's port forwarding is probably slightly rudimentary by comparison, but you can have multiple ports per VPN server. You have to manually connect to that specific server in the TorGuard client using a specific port, which is less convenient than having your port forwards follow you around (is that how AirVPN works?). At least I know I have my ports ready for me on a specific server. Helps if you can identify a server which is fast for you beforehand (I ended up having to do speedtests).
When I was on 10 meg DSL, Nord probably reduced my speed by 5-10% at most, no noticeable increase in latency. Now I'm on fibre, and when connecting to servers which are peered geographically close to my ISP's peering, speeds are pretty damn fast. I don't get 100% of my throughput, but frankly 75%-85% of my actual line rate in both directions is more than fine by me!
Nord's Netflix access is fine, if you use the servers they provide in their FAQ. There's specific ranges of server numbers in specific countries for the specific Netflix regions they support (they only support about half a dozen including UK and US, which was a shame as I couldn't access German Netflix when I tried, I was redirect to the US Netflix).
One of the downsides of Nord is that they are blocked by BBC Iplayer. If, like me, you connect to a UK server for privacy reasons you can no longer watch iplayer so you have to remember to turn off the VPN for BBC and turn it back on when you're done watching iplayer. Kinda annoying.