How To Prepare VPN VLAN for Switch
Preface
In my experience with the upgrade, there were two immediate problems. One, the providers do not necessarily disclose what applications are blocked on their VPN network. For example, some providers block BitTorrent or Tor traffic on their network. While both technologies are known for other infamous usage, they can be used within the ethical and legal guidelines; technology itself is neutral. But if the VPN does not allow such traffic, you may want to look for alternative providers.
The more technical issue on hand is protocol availability and compatibility. Most VPN providers only offer GUI version of their app on Windows, macOS, and perhaps for smartphones. Either the providers don’t offer Linux app at all, or the CLI apps offered for Linux distros are not well maintained. But with the proprietary protocols some of the providers are known for, (e.g. Lightway from ExpressVPN, NordLynx from NordVPN) these apps could be an option. However, my experience with the VPN apps offered by the providers tells me they are often unreliable or unsuitable for the purpose of creating a VLAN.
Which leaves us with OpenVPN and WireGuard, but WireGuard is simply not an option. Most VPN providers do not support manual WireGuard connections to begin with (i.e. only their apps offer WireGuard capability). Since OpenVPN is tried and trusted by many, there are other resources available for the protocol.
Instructions
First, let us assume you are using OpenVPN client by following the previous post. This allows us to simply switch the .ovpn file that the client is using upon the start up. The new file must be from the provider of your choice, (or the new server of your choice) and you will need a separate OpenVPN authentications (likely a username and a password pair) updated in the login
as well.
- Via terminal, disable currently running OpenVPN client service:
sudo systemctl stop openvpn-client@[openvpn-config]
- Now simply replace the config file with the new one, and the login file with the new one.
- Restart the OpenVPN client:
sudo systemctl restart openvpn-client@[openvpn-config]
- (opt.) If you are running additional proxy servers, such as dante, it may need to be restarted as well.