mullvad / mullvadvpn-app

The Mullvad VPN client app for desktop and mobile
https://mullvad.net/
GNU General Public License v3.0

[Feature request] WireGuard over TLS #4089

Open OmniliciousCat opened 1 year ago

OmniliciousCat commented 1 year ago

Issue report

Operating system: Ubuntu 22.04

App version: 2022.5

Issue description

Currently, under heavy network restrictions, pretty much none of the protocols and obfuscation methods that Mullvad offers work for me. I have already tried all the methods described in Using Mullvad VPN in restrictive locations. Only OpenVPN over SSH seems to be working:

$ mullvad-exclude ssh -f -N -D 4080 mullvad@<bridge-server-ip>
$ mullvad bridge set custom local 4080 <main-interface-ip> 4080

The connection, however, is abysmal in speed and is interrupted every once in a while. Detection of SSH tunnels seems to be well-established in modern firewall systems.

One approach that has successfully circumvented restrictions affecting my network is using WireGuard over TLS. The team at ProtonVPN has added this protocol under the name "Stealth" for their Android application. They seem to be using wireguard-go under the hood, where they are able to upgrade to a fingerprint-protected TLS connection if it is needed.

The following crate implements WireGuard tunneling over TCP and TLS: wireguard-proxy

In my opinion, the implementation of WireGuard over TLS in the Mullvad app also allows future refinements for obfuscation so that the traffic could look more and more like an HTTPS connection.

faern commented 1 year ago

Thanks for the information, links and feedback on what works for you! We are investigating how to provide better obfuscation at the moment, so this is valuable input.