so far i was using proton for my VPN and recently i started using safing portmaster as my firewall.
(No Use of VPN so far)
i today i watched techlore’s new on the configuration between costume DNS and VPN
i also aware of that safing portmaster have that thing called SPN and tough i don’t completly understand what it is. from i got its should be like VPN but better.
so my questions are as follows:
1.What is an SPN how does it work?
2.should i ditch? the VPN and start using the SPN instead and if i do, how well will it work with a costume DNS?
- is there any way to get all those two work together? should i even try to get them to?
The SPN is kind of unique. It’s an amalgamation of a traditional VPN, and Tors Onion nodes. Portmaster sees all your traffic, and it routes all that, through different nodes. Say you load up Firefox. Firefox pings Mozilla, the SPN, makes it seem like that ping came from the US. You then go to DuckDuckGo, and the SPN makes it seem like you’re in France. You then connect to Protonmail, and it looks like you’re in the Netherlands. It does all this on a per app, and per domain basis. While getting to each destination, it used a multi-hop method, similar to the Tor network. This can be further tweaked in the settings. Here is a more visual representation, of how it works.
Portmaster already routes your VPN traffic (check your global settings). It needs this functionality to work. It’s why a lot of VPNs have trouble with Portmaster. As for the SPN, it should work flawlessly.
As for whether or not you should use it… it’s up to you. It has was audited, a couple of years ago, by Cure53. That’s where a lot of my knowledge about it ends, I’m afraid. I don’t really use it, nor have I tried it. I’m currently happy with my Mullvad subscription. However, I have heard that it’a quite slow. I don’t find that surprising, considering how it all works.
Get what to work together? Are you having issues with the VPN connection with Portmaster? If you’re on Windows, that can usually be sorted out (unlike Linux). Do you mean VPN and SPN? You don’t need both.
1 Like
WOW that was extremly helpfull. Thanks!
just one thing i did not completly understood
can you elobiroate on that?
Portmaster has kernel access, and makes sure every connection your PC makes, goes through it. This means that with or without a VPN, you’ll be using whatever DNS is configured into Portmaster. It’ll need that to function. By default, I think it uses Quad9, but there are several presets, and you can use a custom one.
Give it a try. Go into Portmasters Global Settings, and delete the DNS entries. Then loading a new page online. It won’t work. Once that test it done, you can restore internet access by typing in a new DNS, or by using the Quick Settings.
You can also do a basic DNS check, and see what you get with and without Portmaster.
wait. so if i am using proton vpn along with safing port master?
what actually happens?
Portmaster monitors all your network traffic, in and out of your computer. It acts as a network monitor, firewall, DNS forwarder, and SPN. Portmaster tries to monitors all the traffic coming in and out of your computer, and checks your rules, on how it’s handled.
If a connection is denied, Portmaster does not allow the connection, and the application/service, thinks your PC is ofline. If your computer wants to connect to an IP, and you allow it (no need for a DNS resolver), your computer will make the connection, through your VPN. If it was a domain, your computer will need to do a lookup, as normal. This is where your Portmaster will lookup that domain, for you (through your VPN), to establish connection to the right place. Once the domain has been located, your computer will connect to that given IP, through your VPN. From there, Portmaster will cache that DNS record, for future use.
If another app/service (eg: Mullvad) tries to block either the firewall, traffic monitor, or DNS forwarder, no connection will be made. The two, using default settings will conflict, and you’ll have zero network access. This is why Safing has a VPN compatibility page.
so if i understand you correctly. the portmaster will basicly going to work over the vpn?
