Like, from inside China to the outside, but a bilateral solution would be fine with me, too.
It’s better to pay for a VPN provider that is verified to work in China. And no, they won’t kidnap you for using a VPN as some people write here. It’s a non-issue just to bypass the GFW. The issue is when you write to a Chinese audience things that the CCP do not like.
ITT: lots of generic VPN advice by people who have no experience with the specific problem.
I would avoid China if you can
If you need to go to China make sure to use Tor with snowflake proxies enabled. Tor is the only real answer here since this is what it was designed for.
I travelled to China in October 2023. I have a Wireshark VPN running at home with my internet provider (dinamic IP), and it worked for few hours (about 6) and they ban the IP. Resetting the router and getting a new made it work for another few hours.
As others suggested the vpn traffic is encrypted but very easy to detect. I read about some protocols that can bypass it like shadow shocks but I didn’t have time to tinkering (it was my first time in China).
I ended by using the service provided by 12vpx and it worked flawlessly. Someone recommended it and it is specialized in provided access in china with lots of gateways. I never had problems with this provider.
Probably there are others that also work but that is my experience.
Be careful of some of those services as they may be using botnets.
Tor snowflakes allow for volunteers to proxy traffic to Tor. They are hard to block since there is effectively unlimited IPs.
I wonder why nobody has mentioned using tor
I couldn’t use Tor inside China, I tried but did not establish a connection. Didn’t dig into it also.
Look into Snowflakes. The snowflake proxies are hosted by people in low censorship countries with the browser extension installed. The IP addresses are all over the place so they are hard to block.
Yes. China’s great firewall mostly handles content filtering and deals with low hanging fruit. Getting around it is fairly simple, and the censorship is mostly focused on stuff that would otherwise be easily accessible by the broader population.
VPN is your obvious choice here. CCP blocks most public VPN providers, so you’d have to roll your own.
You can set up a VPN concentrator somewhere in the world, and you would be able to reach it. As far as I’ve noticed, they don’t block VPN as a whole, and default port should work fine - the reason for this is probably that VPN has many commercial uses that they don’t want to harm.
Source: I run a (work-related) VPN accessible from inside china.
You don’t have to set up your own VPN. Many public providers work.
deleted by creator
China blocks most IPs from foreign cloud providers like AWS or Digital Ocean. And if I am not mistaken, they can also block some VPN protocols (tor is not a VPN protocol, but it is very blocked, I don’t know if tor bridge works), but I am not sure which exactly.
Do mainstream VPN providers not have a Chinese solution?
They have. I don’t know what people are talking about in this post. It’s bypassable easily, and the CCP won’t kill you for it. There are so many Chinese using aVPN themselves to bypass GFW
What brand of VPN do you use to bypass it, many of my friends are there quite frequently, none of them have a mainstream solution for it.
Unfortunately it’s still trial and error. Check out e.g Ovpn, Astrill, Mullvad though. You can always email and ask different providers as well. Though it’s best it you set it up before visiting China. A HK sim through Airalo or similar also works.
Last time I was there, express does not work, and I heard proton also does not work. However, my mobile carrier by default routes all roaming traffic through UK, so that did work.
Yeah, you can look up how to setup hysteria2 and xray. Additionally you need to understand that firewall is different in different places, in some places like big cities you can even use plain openvpn (during daytime), in other more rural places almost everything is blocked.
Yeah, I’ve heard Shanghai for example has zones where the GFW is much more lax?
Sloooow but works
deleted by creator
Social Credit --;
Yeah. But it kinda defeats the purpose.
The whole point of a VPN is to mix your traffic with tons of other people’s traffic
Where in the world did you get that idea?
VPNs serve three functions:
-
add a layer of encryption so your local network operator and ISP can’t inspect your traffic, its contents and its true destination. (this is what OP is looking for)
-
make it appear to the service you are connecting to, that you are connecting from a different location than where you actually are. (for example make Netflix think you’re in a different region to show you different content)
-
provide secure access to private services that are not exposed directly to the Internet. IE securely connecting devices on seprate LAN networks together over the Internet via an encrypted tunnel. This is a VPNs true purpose and how they are primarily used in Professional/Comercial settings. (pretty much every corporation you’ve ever interacted with runs a VPN that connects its stores/warehouses/offices together)
These are the true points, however the 4th reason to use a VPN is if you are using a fingerprint-resistant browser and lots of other people are too, it’s harder to track who is going where, since the exit IP is shared.
If tor isn’t working for whatever reason
If all your connections come from the same IP, and you’re the only one using that IP, then everyone knows all of your traffic is associated with you.
If the advisory is the State, then the ISP will still he able to see all your traffic.
-
Not really, you need a license and you can host openvpn at tcp 443, but chances are they’ll try to track you down and make your life unpleasant.
When I was there I vps bumped through Hk, that’s probably harder now.
They are prepared for such ideas, and you should assume that they are better than you.
And there are hundreds if not thousands of them, plus a lot of automated tooling.
And of course, they control the hardware and software. I wouldnt risk it as a foreign national who has occasionally done work in the defense industry, but everyone has a different risk tolerance.
It’s possible for a while but there is a whack-a-mole game if you’re doing anything they would care about. So you will have to keep moving it around. VPS forums will have some info.
