Jump to content
Chinese-forums.com
Learn Chinese in China

  • Why you should look around

    Since 2003, Chinese-forums.com has been helping people learn Chinese faster and get to China sooner. Our members can recommend beginner textbooks, help you out with obscure classical vocabulary, and tell you where to get the best street food in Xi'an. And we're friendly about it too. 

    Have a look at what's going on, or search for something specific. We hope you'll join us. 
sthubbar

ExpressVPN down in China - What to use now?

Recommended Posts

liuzhou
The GFW has been upgraded and now can learn. When it identifies VPN traffic, it blocks it. The process is automated.

Interesting theory. But not borne out by the facts.

If they automatically blocked all and any VPN traffic the entire international banking system would collapse. As would international trade. As has already been pointed out.

Secondly, some VPNs continue to work, some work some of the time, some don't work.

Share this post


Link to post
Share on other sites
Site Sponsors:
Pleco for iPhone / Android iPhone & Android Chinese dictionary: camera & hand- writing input, flashcards, audio.
Study Chinese in Kunming 1-1 classes, qualified teachers and unique teaching methods in the Spring City.
Learn Chinese Characters Learn 2289 Chinese Characters in 90 Days with a Unique Flash Card System.
Hacking Chinese Tips and strategies for how to learn Chinese more efficiently
Popup Chinese Translator Understand Chinese inside any Windows application, website or PDF.
Chinese Grammar Wiki All Chinese grammar, organised by level, all in one place.

ChTTay

Can anyone PM a VPN that currently works or might work out here?

PPPLLLLEEEEEAAAASSSSEEEE

I did just find out that the two services I signed up to are, essentially, the same service. In that they use the same "something technical". Doh!

Share this post


Link to post
Share on other sites
Kenny同志

Roddy, I am sorry to bother you, but the unfollow button is unresponsive at my end. Could you please remove me from the list of followers of this topic? Thanks.

Share this post


Link to post
Share on other sites
yaokong

I have a slightly different question, I have family all around Europe, is there a foolproof way to install a VPN server on their computers, which I can use to connect to from China? They are all Windows XP machines, most with fast internet bandwidth. Thanks!

Share this post


Link to post
Share on other sites
daofeishi
Can anyone PM a VPN that currently works or might work out here?

PPPLLLLEEEEEAAAASSSSEEEE

Since you're asking so nicely :roll:

Witopia seems to be working, but you never know how long. They had a couple of days of downtime last year, if I remember correctly. The safest thing to do to prevent being shut out by blanket restrictions might be to buy server hosting and set up your own VPN.

  • Like 1

Share this post


Link to post
Share on other sites
imron
might be to buy server hosting and set up your own VPN.

There's even no need to buy server hosting (at least not initially) if you take AWS up on their free one year trial (see previous posts for link).

is there a foolproof way to install a VPN server on their computers, which I can use to connect to from China? They are all Windows XP machines, most with fast internet bandwidth.

If you're capable of installing VPN server software it's probably going to be easier to just do it yourself - get free (sort of) hosting with AWS, then install and configure VPN software such as OpenVPN or Freelan.

If you don't need a full VPN, and just want to browse overseas sites, you just need a machine you can SSH to and then tell your browser to use the SSH connection as a SOCKS proxy.

Share this post


Link to post
Share on other sites
ChTTay

@Irom - At the moment that sounds a bit too much above my expertise. If I was on a WINDOWS pc/laptop here I would just try and learn it but I'm using UBUNTU. It's so much quicker on the netbook I have but I am still not in love with LINUX as an OS.

@daofeishi

Will try it!

Share this post


Link to post
Share on other sites
sthubbar

imron,

Your SSH solution is a great idea. You are right that for much of my daily work it does not work because of http proxy restrictions.

As for setting up my own SSL bases proxy, based on one report from another technically proficient engineer. His personal SSL based proxy is also having problem as of about December 5th. It is possibly that they have found some sophisticated ways to detect VPN traffic more than just destination IP address.

BTW, also received this message from ExpressVPN saying it is fixed. It does work sometimes, though seems to hard fail after a period of use, unlike before where I could leave it on for days with heavy use and no issues:

------ Message from ExpressVPN ---------

We have great news regarding the recent blocking of VPNs in China, which also affected ExpressVPN. Our team worked day and night and just finished deploying updates to our servers to automatically solve these problems for most of our customers.

The ExpressVPN apps for Windows and Mac should now be working fine again in China. ExpressVPN for Android, iOS, and other devices should also work as usual.

In case you have already used any of the fixes we suggested in the past few days, feel free to return to the former settings that had worked for you. That means you should connect using the ExpressVPN app instead of the dialers or manual configurations we may have sent you.

In case you had switched the ExpressVPN app to "TCP" mode, please try switching your ExpressVPN app back to "UDP" mode in the "Options" menu.

Share this post


Link to post
Share on other sites
Matty

I think they've just been brute-force blocking IP's not using some amazing new auto-ban method. Some of the services out there have been half banned, which means that if you spam connect enough times you'll eventually fall upon an IP that will connect. YAY!

And it's a little better than it was 2-3 days ago too, which leads me to believe the services are actively adding IP addresses which aren't instantly being blocked.

Share this post


Link to post
Share on other sites
sthubbar

Matty,

I agree with you that the most likely answer would be that they are brute-force blocking IPs seems more likely than some amazing new auto-ban method.

What makes me think that here is more involved are the following observations:

  • I have ExpressVPN configed to use static IP instead of name resolution so the destination has not changed, even though performance has gotten better over the last few days. If the server IP had been banned, this hard coded IP most likely would continue to be banned as opposed to a DNS name that could be updating.
  • The email for ExpressVPN seems to indicate that they made a configuration change on their side and did not request clients to make any changes on the client side, so again indicates that something more/different than banned server IPs is involved.
  • I have recently noticed many messages "Authenticate/Decrypt packet error: bad packet ID (may be a replay)" which have never seen before. These could be indicative of monkey business going on between client and server.
  • And again, the report that private OpenVPN installations which have traffic levels so low as to be highly unlikely that they would be detectable unless maybe the protocol was being attacked.

Of course, this is now getting into the why's and how's of the problem of probably little interest to anyone beside me, and maybe imron. :)

  • Like 1

Share this post


Link to post
Share on other sites
Matty

Sthubbar,

Well, my knowledge of lower level networking is very limited, but it doesn't mean I wouldn't be interested.

An observation I just made is that an IP address I could not connect to this morning, that kept being reset, I am now, tonight able to connect to. This makes absolutely no sense to me that an IP address would be blocked this morning but not now, which leads me to believe there is something even more unusual going on.

I originally thought there was a list of IP addresses that are given and the client attempts to connect to 3 in any 1 connection attempt, I thought if I tried to connect to 1 enough times I'd be able to find a safe IP.

Is it possible the problem is at the ExpressVPN end? Have they reduced capacity and are rejecting extra connection for some reason? I've noticed they're also ignoring support tickets. The symptoms speak of GFW, but this...

Unless is possible they're somehow measuring and temp banning based upon extreme traffic and high connection quantities over a broad geographical area with secure connections to unknown services. ~ or something similar

Share this post


Link to post
Share on other sites
sthubbar

FYI,

I live in Beijing and that is where my internet issues have been. Today, I'm in Shenyang and the Internet is great with VPNs working quickly. I wonder if up here in the cold they pay less attention. Might be worth buying and place up here, It's a quick 1 hour flight if we get the need to visit Beijing.

Share this post


Link to post
Share on other sites
gato

The attached is a note on recent China GFW problems from a VPN provider. It says that the blocking is worse with China Unicom, whose coverage includes Beijing.

post-879-0-85191900-1355367251_thumb.jpg

  • Like 1

Share this post


Link to post
Share on other sites
sthubbar

Gato,

Thank you for that note. It seems to confirm my guess that they have a way to do protocol blocking.

I noticed that they don't mention SSTP and this protocol does seem to be working from ExpressVPN.

Share this post


Link to post
Share on other sites
imron

They also make no mention of standard SSH. I've been in touch with a friend in Beijing who I helped set up a similar solution to the SSH method I use, and he says it's still working fine.

It's interesting to note that the VPN guy mentions how close China is skirting the line between censorship and breaking the Internet for companies.

Share this post


Link to post
Share on other sites
realmayo

Guardian article here: http://www.guardian....nternet-control

China appears to be tightening its control of internet services that are able to burrow secretly through what is known as the "Great Firewall", which prevents citizens there from reading some overseas content.

Both companies and individuals are being hit by the new technology deployed by the Chinese government to control what people read inside the country.

A number of companies providing "virtual private network" (VPN) services to users in China say the new system is able to "learn, discover and block" the encrypted communications methods used by a number of different VPN systems.

  • Like 1

Share this post


Link to post
Share on other sites
ChTTay

In an email from my VPN provider (which hasn't worked for over a month! ahhg!) they mentioned that China "appears to have blocked openVPN" at the moment.

Someone mentioned PPTP still works above. I guess I might try that next...

Share this post


Link to post
Share on other sites
Matty

I'm able to connect to ExpressVPN's many servers now, but there's a few issues...

I can't open www.chinese-forums.com on some

I can't use QQ on some.

Some other random sites wont open.

Connecting to the Australian server... gives me an IP in Shanghai?

These... I don't see how they could be influenced by the GFW, as my connection to the VPN is good and none of those sites are banned by the GFW.

Share this post


Link to post
Share on other sites
abcdefg

Anyone had recent success with installing and using Tor inside China?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and select your username and password later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Click here to reply. Select text to quote.

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...