VPN blocking

From Wikipedia, the free encyclopedia
Jump to: navigation, search
Screenshot from Wikipedia: IP of VPN blocked by some Wikimedia Projects

VPN blocking is a technique used to block the encrypted protocol tunneling communications methods used by virtual private network (VPN) systems. Often used by large organizations such as national governments or corporations, it can act as a tool for computer security or Internet censorship by preventing the use of VPNs to bypass network firewall systems.


Blocking VPN access can be done a few different ways. Ports that are used by common VPN tunneling protocols, such as PPTP or L2TP, to establish their connections and transfer data can be closed by system administrators to prevent their use on certain networks. Similarly, a website can prohibit access to its content by blocking access from IP addresses that are known to belong to popular VPN providers.[1] Some governments have been known to block all access to overseas IP addresses, since VPN use often entails connecting to remote hosts that do not operate under that government's jurisdiction.[2]

As organizations have ramped up efforts to block VPN access bypassing their firewalls, VPN providers have responded by utilizing more sophisticated techniques to make their connections less conspicuous, creating a networking arms race. For instance, as the Chinese government began using deep packet inspection to identify VPN protocols, Golden Frog began scrambling OpenVPN packet metadata for its popular VyprVPN service in an attempt to avoid detection.[3]

Government use[edit]


Chinese internet users started reporting unstable connections in May 2011 while using VPNs to connect to overseas websites and services such as the Apple App Store.[4] Universities and businesses began issuing notices to stop using tools to circumvent the firewall.

In late 2012, companies providing VPN services claimed the Great Firewall of China became able to "learn, discover and block" the encrypted communications methods used by a number of different VPN systems.


The government of Iran began blocking access to non-government sanctioned VPNs in March 2013,[5] a few months prior to the 2013 elections, to "prosecute users who are violating state laws" and "take offenders to national courts under supervision of judiciary service". Use of VPNs approved by the government reportedly led to surveillance and inspection of private data.[6]

VPN blocking by online services[edit]


In an attempt to stop unauthorized access from users outside the US, Hulu began blocking users accessing the site from IP addresses linked to VPN services in April 2014. In doing so, however, the company also restricted access from legitimate U.S.-based users using VPNs for security reasons. VPN providers such as VikingVPN, NordVPN, Purevpn and TorGuard stated that they would seek ways to address this issue for their customers by speaking directly to Hulu about a resolution and rolling out more dedicated IP addresses, respectively.[7]


Netflix came under pressure from major film studios in September 2014 to block VPN access, as up to 200,000 Australian subscribers were using Netflix despite it not being available yet in Australia.[8] VPN access for Netflix has, like other streaming services, allowed users to view content more securely or while out of the country. Netflix users have also used VPNs as a means of bypassing throttling efforts made by service providers such as Verizon.[9]

See also[edit]