The VPNBaron client has some pretty awesome features, designed with the user in mind. We’ll explain all of them in this post.
OpenVPN allows for both UDP (User Diagram Protocol) and TCP (Transmission Control Protocol). Each one has its pros and cons.
TCP – Every network packet, sent or received, requires confirmation. This makes the protocol reliable, but slower because of the extra confirmation steps and metadata in each packet.
UDP – No confirmation is required. Packets are sent as fast as possible, without having to wait for the receiver to confirm. This makes the connection faster, but some packets may be lost.
We recommend using UDP unless you’re experiencing connection issues, or you specifically need to run programs that are TCP dependent .
DPI Protection (Deep Package Inspection) – Some Internet Service Providers actively scan the user’s traffic, in order to restrict or monitor access. This practice is common in countries that censor internet and restrict certain sites. The most popular countries are China, Iran and Egypt (complete list). VPN encryption usually is enough for networks that allow VPN usage, but when the ISP actively tries to detect and kill VPN connections, that’s when DPI comes in handy. We offer to DPI methods.
SSL (Secure Sockets Layer) – Is a standard for security when it comes to establishing encrypted links between servers and clients. Due to its popularity, blocking SSL would make the internet connection almost completely useless. Using OpenVPN via a SSL tunnel allows users unrestricted internet access even in countries like China.
OBFSPROXY – is a tool that attempts to circumvent censorship developed by TOR (https://www.torproject.org/projects/obfsproxy.html.en). Past versions have been usually blocked by the restrictive ISPs, but there’s a constant battle between OBFSPROXY developers and the guys trying to block their protocols. By the time they figure how to block it, a different version comes out.
We recommend using SSL because it is faster. OBFSPROXY adds junk to the network packets in order to trick the filters, but it’s extra information that needs to be sent. This slows the connection significantly. Both protocols only work on TCP.
Force DNS – By default, our DNS is only set to the virtual TAP adapter. Checking this option will also set it to the physical network adapter. Only use this setting if the DNS is leaking.
Kill Switch – If the internet connection is lost and you’re disconnected from the VPN, the network adapter is disabled, in order to prevent exposing the real IP address. Re-enabling is possible from the VPNBaron client or Control Panel\Network and Internet\Network and Sharing Center -> Change Adapter Settings.
Add Custom OpenVPN Commands – This one is pretty self exploratory. It allows users that require additional OpenVPN settings to add them. We recommend using this option if you know what you’re doing or our support team suggested.