Thanks for the sanity check and suggestions. Privacy from my ISP, as well as secure connections on public wifis when traveling, those are my two main use cases. Another would be privacy from big tech, but still gotta use their services here and there so can’t have my cake and eat it too.
Yeah, I’m already running another browser in split tunneling to get around these issues. Brave and Librewolf currently in use, so I think I’ve got that covered along with other privacy/opsec suggestions.
Thanks for sharing. You make some good points.
Regarding Netflix, I mentioned it as an aside. I know Mullvad doesn’t market itself as a tool to bypass its geoblocking, unlike some other, less trustworthy, VPN services.
When connecting to mullvad.net from my Android it’s showing both IPv6 and IPv4, so at least that’s confirmed. Thanks!
Thanks for your input. Although nothing I do requires anonymity, I’m sporadically using these services in a privacy-oriented way as there are no alternatives to some of them.
Interesting I never thought of it from that point of view. I do banking in three different countries. So for me it’s important that I can login to my banks across borders.
I’m the opposite. I live abroad and can easily pass whatever 2fa they want, just let me at my money without mysteriously disabling the site because I’m coming from a foreign IP.
Don’t have the router you mentioned but I have the option to install Mullvad on it. I’m still hesitant to install it however. Per-device rules are nice, but I would ideally need a per-application rule. That’s why I’m running split tunneling through the client on the devices themselves. Just takes up a lot of install slots.
Sure it doesn’t let me forward ports, or whatever nonsense argument you guys have against it. I don’t know or care.
The MAIN feature I want out of mullvad is better tunability in a mutli-NIC environment.
I want to be able to TURN OFF mullvad entirely on my HyperV nic.
Right now, I don’t think that I have control over whether my HyperV Nic goes through Mullvad or not. I should ALWAYS have that control, and I don’t from what I’ve seen. I THINK that mullvad applies to ‘ALL NICS’. But unfortunately, one of my NICs is NOT shared with the primary machine. So I have NO visibility to whether mullvad is TRYING to vpn that connection. I guess it doesn’t get VPNed.
But either way, my LAN machines all work absolutely seamlessly, it’s fantastic. (different subnet).
My GOAL is to have 1 NIC on a different subnet so I can install ‘virtual routers’ when and where I please!
I’ve MAINLY moved my HyperV machines to a different host to have better control over that.
I will test them in the future. Thanks for confirming about Aurora at least.
You don´t have to use Google, there are other search engines with good results like DuckDuckGo. I never get captchas with them.
Same, had no problems before but last week every single time.
If you really care about privacy you need to think harder on the services you use, how they block you and if you really want to be using those services to begin with if they make it difficult for you to be anonymous.
Banking, maybe they should know your ip 
they know who you are anyway when you log in right?
Email and social media: may e they don’t need to know your true identify. It really depends on their EULA.
It’s always a few bad actors. Explains more about why they dropped port forwarding, I guess they got too popular for their own good.
secure connections on public wifis when traveling
FYI; That is what HTTPS is for. As long as your connecting to the actual public WIFI rather than one someone created to impersonate it, your going to be fine.
Yea with udm pro and pfsense you can do per device per application per ip address per domain and a number of other options. You can even install pfsense or opensense on pretty much any old computer you have laying around. All you would need to do is buy a pcie Ethernet card with 2 ports at least on it and you’d be able to have an enterprise grade router and firewall. You could use any WiFi router you have in AP mode to take care of WiFi for it or purchase a ubiquiti access point or any access point for that matter and you’d be able to do all of the things you need or want with the vpn
think the general problem is the state of the internet. All services on the internet are so connected now and you are tracked constantly, as soon as you break out of tracking, websites will think you are a bot.
Fact 1: googles recaptcha use tracking data to know you are human. Some captchas don’t use this data.
Fact 2: cloudflare offers to block all vpns out of the box, Cloudflare is a used by most websites today.
Maybe it’s time for something new, next gen VPN, a trusted ip pooling service? Or residential proxies for the masses? Not just hackers and spambots? Could be cool
I just think that SOMEONE needs to step up and fix the Squid situation in PfSense. I haven’t evaluated OpnSense or any of my OTHER half dozen solutions. I’m just pessimistic because Untangle is gone 