What & Why & When & How Use V2Ray VPN

What is V2Ray VPN?

In summary, V2Ray is an open-source VPN and tunneling service that focuses on bypassing censorship and restrictions. It provides a variety of clients and servers for different operating systems so users can connect and enjoy their freedom on any device.

Why? Same Challenge, Different Locations.

The first question that comes to mind is why V2Ray is used as an alternative to WireGuard, OpenVPN, or any other VPN provider (such as NordVPN, ExpressVPN, etc.). There are so many providers that are already in the market with good quality service, so why?

We all know about restrictions and censorship in many countries (if you don’t, read more about The Challenge of Internet Censorship), and they are getting smarter and more restricted every day. At some point, regions start blocking the VPN providers or messing up with VPN and tunneling protocols such as WireGuard, Socks, IPSEC, and so on. However, they are still letting HTTP/HTTPS pass with fewer restrictions or maybe just a speed limit toward outside-world IPs.

Even in Europe or the US, trying to enjoy your freedom and privacy while using a shopping mall or a cafe WiFi, their IT department blocks some websites or protocols to only limit users to browsing relevant content, e.g., using their website for purchasing goods, tickets, or checking updates, news or simple messaging on whats app. But they are blocked if you try to connect to your work/business services, such as VPN or SSH. This is partially the security and compliance challenges they are facing, and I understand it’s for their protection in case someone wants to serve malicious torrents or any other activity while it’s also blocking you from doing your routine work.

I am pretty sure some of you at least got that slap in the face when you decide to work from a cafe, and you can’t connect to your services via their wifi, and the 4G/5G signal is not good there.

When? HTTP(S) Tunneling.

I have a memory of a day I needed to connect to my service in a cafe where mobile internet was not an option, and I started trying different providers until I figured, why not use my private HTTPS proxy? It worked, but the experience was the worst! Slow, high latency and I was seconds away from punching my laptop. The only reason I didn’t punch it was I felt a bit good about bypassing that firewall restriction using HTTPS.

Why? Legacy HTTP(S) Proxy Reduces your Productivity.

While I really liked the cafe location, the internet was pushing me away to find a new place, but I had a charging station, a good amount of noise (doesn’t distract you, doesn’t bore you), and good corners, so no one would look into my monitor while I am working (nothing weird, just a lot of smelly code on my monitor which I prefer people see them after I clean up). But this HTTPS proxy was killing the vibe and my productivity so I started Googling a bit about the issue and find out there was a strong open-source project (V2Ray discontinued, V2Fly took over, and V2Ray restarted again), and it provides an alternative proxy/tunneling with much faster speed, better latency, and more protocol variety. A protocol that caught my eye was using HTTP(S) WebSocket (or even QUIC) as a VPN tunnel, which provides authentication, usage stats, and much more flexibility. It took a while for me to configure everything, but I did it, and it works great!

Cloudflare CDN Piggyback

I am sure we have all heard of Cloudflare’s great free services (such as their WAF & CDN), and now they even provide CDN accelerated VPN (Cloudflare WARP Zero Trust Solution and VPN), but the issue still remains. Most countries or firewalls blocked the services while their CDN, which covers 80% of the world’s websites and trillions of requests daily, is reachable from all over the world; although some of the websites (domains) are censored in some countries, it’s because of their content. At some points, countries applied speed limits, but the connection still works!

While I was using V2Ray VPN, I created a subdomain on my personal blog and pointed it to my VPN servers, and since the protocol was HTTPS/WebSocket, it’s working for free and taking leverage of large Cloudflare’s CDN, which according to their website they are present in 310 locations in 120+ countries. While I am doing TLS 1.3 encryption on Cloudflare and passing it to my server in Germany, it is amazing how my speed increased by 88% because of the Cloudflare CDN!! Naturally, VPN reduces the speed because of encryption and tunneling processes, but the gain back from Cloudflare’s CDN was bigger than the loss from encryption.

When to use V2Ray?

I use V2Ray not only when I am traveling to restricted countries but also in European cafes when there is an angry firewall (I am allergic to public WiFi, TBH I use VPN all the time) or when the network speed is low, and I need a faster network. VPN isn’t only for proxy/tunneling; it’s also for your privacy, protecting your IP/location, so my thought is, trust your ISPs; you never know if they are creepy and looking into your connections or DNS requests; even most of the websites are encrypted via HTTPS/HSTS; ISPs or website are able to track you at some level.

How to Use V2Ray?

Two ways!

Set up your own private service: Follow the documentation on V2Ray/V2Fly and set up your own server, get help from ChatGPT, connect it to your Cloudflare DNS, and then download any of their VPN Client apps.

Buy an awesome Secologist V2Ray VPN subscription from me (yup, this post was for marketing); I have already done all these, plus I added an HTTP(S) load balancer, so you can automatically connect to the fastest server.

Subscriptions are not limited to a number of devices/connections and are much more affordable than other solutions.

Note: When you are connecting to load balancers, you will have IP rotation per a few requests, so if you want to have persistent sessions, you can try the latency check feature in your VPN client app and connect to the servers directly.

How to do a latency check?

Ping any server on Cloudflare CDN (or mine) by opening CMD/Terminal and writing:

# Ping any website on Cloudflare ➜ ~ ping www.secologist.com -c 4 PING www.secologist.com (172.67.74.55): 56 data bytes 64 bytes from 172.67.74.55: icmp_seq=0 ttl=57 time=9.652 ms 64 bytes from 172.67.74.55: icmp_seq=1 ttl=57 time=10.246 ms 64 bytes from 172.67.74.55: icmp_seq=2 ttl=57 time=12.344 ms 64 bytes from 172.67.74.55: icmp_seq=3 ttl=57 time=10.723 ms

--- www.secologist.com ping statistics --- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 9.652/10.741/12.344/1.000 ms # Ping one of my load balancers ➜ ~ ping falkenstein-lb-1.vs.secologist.com -c 4 PING falkenstein-lb-1.vs.secologist.com (104.26.1.215): 56 data bytes 64 bytes from 104.26.1.215: icmp_seq=0 ttl=57 time=9.263 ms 64 bytes from 104.26.1.215: icmp_seq=1 ttl=57 time=10.811 ms 64 bytes from 104.26.1.215: icmp_seq=2 ttl=57 time=10.018 ms 64 bytes from 104.26.1.215: icmp_seq=3 ttl=57 time=10.597 ms

--- falkenstein-lb-1.vs.secologist.com ping statistics --- 4 packets transmitted, 4 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 9.263/10.172/10.811/0.600 ms

So.. 10ms.

Privacy

All logs and monitoring are disabled on our servers, data is encrypted via TLS 1.3 on transit, and our servers’ disks are encrypted via AES-256. We care about our customer's privacy and security. However, this is not an open invitation for malicious actors to use our services for some shady activities.

Third Parties

Your connectivity goes through Cloudflare. Read more: [1].

Your subscription data is stored via Wix. Read more: [1], [2].

References

https://www.secologist.com/anonymous-v2ray-vpn

https://www.cloudflare.com/network/

https://commons.wikimedia.org/wiki/File:Internet_censorship_in_the_World_2020_by_country.png

https://community.cloudflare.com/t/statistically-speaking-whats-the-percentage-of-total-sites-that-use-cf/372054

https://blog.cloudflare.com/cyber-week-analyzing-internet-traffic-and-e-commerce-trends/

https://www.v2fly.org/

https://www.v2ray.com/