VPNs are great, and running one on a personal server can offer little to no performance impact. However, many networks will often use deep packet inspection to prevent their use. Fortunately, with a few hours of your time, you can enable ofbsproxy obfuscation on your OpenVPN server.
This won’t be a tutorial, simply my experience with the setup. If you want to set this up yourself, here is the guide that I used.
Here are some pros and cons to using an obfuscated OpenVPN server:
- Works on almost any network.
- Hides VPN traffic from DPI (deep packet inspection)
Difficult to set up clients, each VPN client must have ofbsproxy running in the background, this means that your VPN won’t work on android/ios unless you port ofbsproxy to it. You will not be able to connect to the VPN unless your traffic is being routed through ofbsproxy.
To achieve maximum obfuscation, you must run ofbsproxy on a port that is commonly allowed, many networks will block ports that are commonly used for VPNs. For me, this is port 443 although I’m sure many other web ports would work. However, running a VPN on a web port is not an ideal configuration.