Hosting a VPN server behind restrictive firewall or NAT

  • Thread starter: royalroy
Most broadband providers in India are providing home internet services with the use of CG-NAT. The ISPs do not have enough public IPv4 addresses to cope with the explosion in demand. Also, IPv4 is very tough to get and the costs are huge. This creates a huge problem when it comes to end-to-end connectivity, for which the internet was built.

I always wanted to get access to my home network from a remote location. But my ISP blocks almost every port on their router and I am left with no choice but to buy a static IP from my ISP. I am a broke college student and cannot ask my parents to pay for something they don't understand. One option is to create a SOCKS5 proxy over an SSH tunnel using ngrok. It allows anyone to expose local ports over the internet for free. However, it causes serious latency and bandwidth issues as the connection is relayed through ngrok servers.

This is when I came across the SoftEther VPN project (open-source) by the University of Tsukuba, Japan. It is the same university that administers the VPN Gate project. It supports NAT traversal by the UDP hole punching technique and does not require any port forwarding on the server-side router.

I just installed the SoftEther VPN server from their website on my old home Windows PC (on the Alliance Broadband network). Setting up is fairly easy on Windows as they provide a super user-friendly GUI. A layman with little knowledge of networking may follow the wizard to set up a server. You may also set it up using a CLI on Linux servers, but that requires some knowledge of the CLI (excellent guides are provided on their official website). I did not forward any port on my home Tenda router, or the ISP router.

It even provides a customizable DDNS so that you don't need to worry about the dynamic IP that your ISP gives you. You may set up any number of client usernames and passwords you like.


Then, on my client-side Windows 10 laptop (on Airtel 4G), I installed the SoftEther VPN client software and punched in the DDNS hostname, user ID, and password. It connected to my home VPN server with NAT traversal. It shows a warning that the VPN connection may be unstable as I am using UDP and not TCP, but I did not face any problem in the last 7 days. I did not have to configure my router settings, nor did I have to contact the ISP for any port forwarding, which obviously they won't do for free. However, the SoftEther client app is not available on mobile phones and can be used only on Windows, macOS, or Linux-based laptops.

This is a direct connection and does not involve any third-party server, so latency and bandwidth are great.

The sweetest deal with SoftEther is that they even facilitate setting up an L2TP and OpenVPN server very easily, using the GUI. Also, they automatically generate the .ovpn configuration file within the GUI so you don't need to be a pro. However, L2TP and OpenVPN servers do not support the NAT traversal technique and require you to open ports. If you can, do so, as it will allow you to use your phone as a client, i.e. you can use the VPN on your phone as well.

Suppose the firewall of your ISP is so strict that it even blocks the SoftEther VPN server's NAT traversal technique. SoftEther has free Azure servers which will negotiate the connection between your home server and your client PC. This uses Microsoft's SSTP VPN protocol, which is a proprietary service of Microsoft and works only on Windows-based clients. This option can be found in the VPN Azure settings of the server software.

P.S.: I would have shared images but this website is not allowing me to upload images for some reason, IDK why!

Disclaimer: I am not a lawyer and I don't know the legal consequences of doing this at your home. If your ISP/ anyone else has a problem with doing this at your home, I am not responsible.
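
Added example, not part of the original post and not SoftEther's code: a toy Python model of generic UDP hole punching, showing why a direct tunnel forms with no port forwarding on either side and why a stricter NAT forces the relay fallback the post mentions. The `Nat` class, the `punch` function, all addresses and ports, and the assumption that both NATs filter inbound packets by remote address and port are constructed for illustration.

```python
from itertools import count

RENDEZVOUS = ("198.51.100.1", 5004)  # constructed address of a public helper host


class Nat:
    """Toy NAT that only admits packets from endpoints its host has already sent to.

    symmetric=False: one public port per internal socket, reused for every peer.
    symmetric=True:  a fresh public port per destination (strict NAT behaviour).
    """

    def __init__(self, public_ip, symmetric=False):
        self.public_ip = public_ip
        self.symmetric = symmetric
        self._ports = count(40000)
        self.mappings = {}    # (internal socket, destination or None) -> public port
        self.allowed = set()  # (public port, remote endpoint) opened by outbound traffic

    def outbound(self, src, dst):
        """Host sends src -> dst; return the public endpoint that dst observes."""
        key = (src, dst if self.symmetric else None)
        if key not in self.mappings:
            self.mappings[key] = next(self._ports)
        port = self.mappings[key]
        self.allowed.add((port, dst))
        return (self.public_ip, port)

    def inbound(self, remote, public_port):
        """True if a packet from remote to public_port passes the filter."""
        return (public_port, remote) in self.allowed


def punch(server_nat, client_nat):
    srv, cli = ("192.168.0.10", 5555), ("10.0.0.7", 6666)  # constructed private sockets
    # 1. Both hosts contact the rendezvous host, which records the endpoint it sees.
    srv_seen = server_nat.outbound(srv, RENDEZVOUS)
    cli_seen = client_nat.outbound(cli, RENDEZVOUS)
    # 2. Each host sends to the peer's recorded endpoint, opening a hole in its own NAT.
    srv_actual = server_nat.outbound(srv, cli_seen)
    cli_actual = client_nat.outbound(cli, srv_seen)
    # 3. Traffic flows only if each packet arrives from the endpoint the peer opened.
    to_server = server_nat.inbound(cli_actual, srv_seen[1])
    to_client = client_nat.inbound(srv_actual, cli_seen[1])
    return "direct" if to_server and to_client else "relay needed"


if __name__ == "__main__":
    print(punch(Nat("203.0.113.10"), Nat("192.0.2.20")))                  # both NATs reuse ports
    print(punch(Nat("203.0.113.10"), Nat("192.0.2.20", symmetric=True)))  # client NAT is strict
```
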
 
I tried to do this and tested with 2 Windows systems. I am able to connect but cannot transfer files; it gets stuck at 0 speed.
 
It worked the last time I checked. Change the ports maybe. Also, use TCP to check.
 
You may mask your IP while browsing the internet. Does your IP change in ZeroTier? And it does not involve a 3rd server once the connection is made.
 
