Does ISP know that I'm using VPN?

[Dodi71 0]

I just wonder if my ISP has the ability to know if I'm using AirVPN? if yes, how can make the trafic appears as a normal web surfing trafic?

[ms2738 5]

Why do you care?  Using a VPN isn’t illegal.  Is it against the terms of service?

The answer to your question is that you probably can’t.  You can change the port to make your traffic blend in, but between deep packet inspection, and the fact they can see your traffic going to the IP address of a VPN provider, it’s pretty obvious. 

[Dodi71 0]

Thank you.

[Air4141841 24]

staff typically suggests using entry point 3.   port 443, TCP protocol for this question 

[SurprisedItWorks 49]

To elaborate on the above just a bit, using OpenVPN with the entry-3 IP, port 443, and TCP will make your connection look so much like an ordinary https browsing connection that simple monitoring software won't spot the difference.  The catch is that TCP is a slow way to do a VPN connection, so don't be surprised when you lose speed.  The speed loss is about round-trip propagation time between you and the VPN server, because TCP (always used by https) requires each packet to be acknowledged before the next is sent (IIRC/YMMV).  Because this is the underlying issue, speed will be maximized if you use a server as close to you (in latency terms) as possible.

[benfitita 39]

These days some HTTPS traffic goes over UDP 443 (HTTP/3), so I'd say that's starting to blend in as well.

[ms2738 5]

On 12/6/2023 at 4:05 AM, benfitita said:

These days some HTTPS traffic goes over UDP 443 (HTTP/3), so I'd say that's starting to blend in as well.

But remember, the ISP can see where the traffic is going.  It’s not hard to figure that an IP is owned but a VPN provider. 

[benfitita 39]

Of course that's the case with probably all attempts to hide your traffic. Network admin looking specifically at your traffic will notice you are using Tor, because Tor nodes are publicly known. Same for VPNs – if most of your traffic goes to one IP, then it's obvious it's some kind of a tunnel.

[NeonVortex 0]

On 12/4/2023 at 9:45 AM, ms2738 said:

Why do you care?  Using a VPN isn’t illegal.  Is it against the terms of service?

The answer to your question is that you probably can’t.  You can change the port to make your traffic blend in, but between deep packet inspection, and the fact they can see your traffic going to the IP address of a VPN provider, it’s pretty obvious. 

This! Thank you!

[ss11 15]

Even if the traffic itself is not distinguishable as VPN, like for example OpenVPN port 443 TCP with tls-crypt, you don't need to be a genius to figure out it's a VPN when you see 100% of traffic incoming and outgoing via that stream / that IP address. And no DNS lookups as well on the ISP. So, even if the traffic packets themselves are not distinguishable from other type of traffic, the behavior is very distinguishable....

But this is not a flaw. It's the intentional design, it is how it works, and there is nothing illegal about it nor anything that can go against  your ISP Terms of Usage. Most important, they are not able to see what you do inside the vpn, what destinations you connect after, what websites you browse, anything at all. And there is nothing wrong in the world knowing "you use a vpn" WITHOUT knowing "what you do inside the vpn".  There is no sense to worry about it.

[tubule 1]

use "SSH protocol connection":

https://airvpn.org/ssh/

[Avery78 0]

Your ISP can see your VPN server's IP address. But it cannot see anything else. This means that your ISP can most likely detect that you are using a VPN, but it cannot trace your online behavior, including the pages you view, files you download, or anything else you do on the internet.

[Avery78 0]

VPN usage is usually detectable by ISPs because of the unique patterns in data transmission. They won't, however, be aware of the precise stuff you're accessing. By hiding your internet activity from your ISP, VPN encryption protects your security and privacy.

[benfitita 39]

That's true, provided you use encrypted DNS or AirVPN DNS. Also some devices bypass your network DNS, so you need firewall rules to ensure they are forced to use your DNS of choice.