VPN Router Setup for Safe Connection from China to Japan/U.S.

Technical Support for Routers VPN, DNS, Leaks
1

Hi GL.iNet Community,

I’m currently in the U.S. and planning a setup that will allow me to connect securely from China to either Japan or the U.S. due to my company’s policies. My company doesn’t allow devices to be brought into China, but they do permit taking them to Japan or Korea. My plan is to VPN into Japan while in China. Here’s what I’m considering:

  1. Server in the U.S. with B3000: Some people suggested that it's safer to build my own VPN server in the U.S. using a GL.iNet B3000. This would ensure that I control the server and all connections are routed securely.
  2. MT3000 in China: Others mentioned that I could simply use the MT3000 in China and connect to a commercial VPN provider in Japan or the U.S., as VPN companies are quite mature now.
  3. Combination of Both: I’m also considering the possibility of using both setups—having a B3000 as a server in the U.S. and the MT3000 for connecting from China.

Could anyone advise:

  • Which setup would be more secure and stable for my needs?
  • Any recommendations for a VPN that provides a stable connection through the Great Firewall of China?
  • Are there specific configurations or precautions I should take to avoid detection and maintain a stable connection when using the MT3000 in China? like WireGuard?

Any advice or shared experiences would be greatly appreciated!

Thanks!

2

I doubt a self deployed setup will least long since all GL devices only support standard VPN protocols - which are easy to detect.

Better having some trustworthy VPN service and run it on your enddevice.

3

Thanks! However, when I turn on my Wi-Fi, it might expose my IP by scanning the surrounding networks. I'm considering connecting to the internet by pre-configuring my MT3000 in China. What do you think about using a single router with a VPN in China and having that router connect to a trustworthy VPN service? It seems like this could be a lot safer than connecting to a server I set up with the B3000 in the U.S.

4

Router is a bad decision because no custom protocols like shadowsocks. At least spoken for GL devices without plain OpenWrt.

5

Also for shadowsocks from OpenWrt side... Very recently in master they also pulled shadowsocks-libev you can only use shadowsocks-rust which come with a negative effect, rust can be big on space.

You can check if you can find it inside the plugins, but official gl ui support will not be there.