from Hacker News

Removing support for forwarded ports

by brakmic on 5/29/23, 12:17 PM with 262 comments

  • by 0x_rs on 5/29/23, 2:55 PM

    Port forwarding is a big deal. Mullvad is very well respected, and so is their advocacy of privacy, but once the setup ports expire I'll be forced to pick another provider, not as safe and certainly not as cheap either—I think many others are in the same boat too. Up until now if you needed a VPN with this feature there weren't any better alternatives. Another day cursing at networking, I guess.
  • by jsheard on 5/29/23, 2:47 PM

    I had to stop using Mullvad because so many of their IP ranges were blocked or throttled by various services, it was borderline unusable as a daily driver. Unfortunately there isn't a good way for them to protect the reputation of their IPs when they don't collect any information that could be used to identify abusive customers, by design.

    Maybe retiring port forwarding will help, but their IP ranges aren't going to be removed from every shitlist out there overnight.

  • by timtom39 on 5/29/23, 4:00 PM

    Damn, really liked these guys but this makes it about useless for torrent seeding. I wish they would have considered alternatives like only allowing port forwarding for some of their IPs. I don't care about IP reputation.
  • by gioo on 5/29/23, 1:55 PM

    Really a shame, especially for torrent users. The other good alternatives are double the monthly price at 10$/month in the case of IVPN (if you want port forwarding that is) and ProtonVPN. Unless you want to commit for a year or two and pay all in advance, which is meh but the discount may be worth it.
  • by Roark66 on 5/29/23, 4:36 PM

    Pity. I never used them, but I know the pain of not having an externally reachable IP. My LTE provider (the only one in my area with "unlimited" plans) has basically all of its tens of thousands of users on a single IP. So I've been using a VPN terminated in AWS to access, for example, IP cameras and other stuff at home while I'm away. I can't wait until we finally get ubiquitous IPv6. Probably not in my lifetime (because security). I've been waiting for it for the last 20 years.
  • by elashri on 5/29/23, 2:17 PM

    Probably this was the reason for the warrant they received earlier this month [1].

    [1] https://news.ycombinator.com/item?id=35638917

  • by benatkin on 5/30/23, 3:07 AM

    > Unfortunately port forwarding also allows avenues for abuse, which in some cases can result in a far worse experience for the majority of our users.

    Let me rephrase that.

    > Unfortunately port forwarding also allows people to get the value for the money they pay us, which in some cases can result in our service not functioning like a gym membership, where we aren't used for much but many users continue to pay for us (sadly many services block traffic coming from us which makes a lot of simpler uses of a VPN fail as well). We'll aggressively defend against chargebacks.

  • by 2oMg3YWV26eKIs on 5/30/23, 2:04 AM

    Mullvad used to have a "how to" guide for torrenting on VPN. But now it 404s: https://mullvad.net/en/help/bittorrent/

    According to the Wayback Machine, they deleted the page sometime in mid-2021. Here's an archived version of the page: https://web.archive.org/web/20210513051214/https://mullvad.n...

  • by AnonC on 5/29/23, 5:41 PM

    So basically, Mullvad is saying that you can use its VPN service as a client to reach services but not host a service yourself (especially in a home network behind NAT or CGNAT) and have others connect to it via the VPN.

    The most commonly used scenario for port forwarding would be torrenting, where users forward ports so that they can be “connectable” (i.e., accept incoming connections from the Internet).

  • by switch007 on 5/29/23, 2:22 PM

    This seems like a signal that it’s the beginning of the end. We all knew popularity would be their demise.

    Hopefully a competitor will start up and attract less attention for a while until we have to do it all over again.

  • by 2OEH8eoCRo0 on 5/29/23, 2:45 PM

    Horrible news but I can't blame them

    > This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us.

  • by fullspectrumdev on 5/29/23, 2:44 PM

    Unfortunately was only a matter of time, this happens to every VPN provider who offers port forwarding eventually - widespread abuse by script kiddies and such to host RAT C&C servers.
  • by joeman1000 on 5/29/23, 11:06 PM

    This will be the end for me, after being a constant customer since 2018. I absolutely need this feature and will have to find another product.
  • by yokem55 on 5/29/23, 2:46 PM

    This is really going to hit folks who were trying to host stuff behind CGNAT. I suppose a cheap VPS will have to do instead.
  • by Aeolun on 5/30/23, 2:57 AM

    I like how blunt they are about this. No excuses. “Some people are ruining it for all of you, so you can’t have the good things any more”.
  • by Capricorn2481 on 5/29/23, 2:25 PM

    Why does this affect torrent users?
  • by armitron on 5/29/23, 2:39 PM

    Port forwarding is the reason I use Mullvad, time to switch.
  • by zokier on 5/29/23, 3:17 PM

    FYI, there are plenty of commercial/FOSS solutions in this sort of "port forwarding service" space: https://github.com/anderspitman/awesome-tunneling
  • by sph on 5/30/23, 10:40 AM

    RIP torrenting on Mullvad. It's been a nice 2 years, and I am upset by this change.
  • by Hamuko on 5/29/23, 1:44 PM

    No mention of refunds? That's quite a significant change to the service.
  • by naet on 5/29/23, 9:00 PM

    Shame, I'd been greatly enjoying Mullvad and their stance on privacy, but port forwarding is a must for some of the services I run. Anyone have a good suggested alternative?
  • by sys42590 on 5/29/23, 12:25 PM

    Yes, the potential for abuse is quite a lot... from the rather harmless Torrent user up to running C&C servers for botnets.
  • by forty on 5/29/23, 6:03 PM

    I'm curious: if you have a forwarded port on your vpn that anyone can send traffic to, assuming that someone can observe the encrypted traffic going out of the vpn provider, couldn't they send various traffic "shape" to the port and try to find the same pattern in the encrypted traffic to figure out who you are?
  • by eduction on 5/29/23, 11:27 PM

    I port forward via EC2. Had to learn iptables (which apparently are now deprecated) and set up OpenVPN (these days I’d probably do WireGuard). Works fine for my personal website, and paying in advance the cost is maybe $3/mo, didn’t realize it was remotely controversial.
  • by alberth on 5/29/23, 6:01 PM

    Why do individuals use a VPN, other than to do questionable activities?

    Not trolling, genuinely curious.

  • by wkat4242 on 5/29/23, 8:48 PM

    Ohhhh too bad. It was useful for torrents.

    That said, I never actually got incoming connections over UDP working properly anyway through these ports, even though they were supposed to be supported.

    But I can understand the reasoning yeah.

  • by kome on 5/29/23, 2:36 PM

    FYI, AirVPN still supports port forwarding: https://airvpn.org/faq/port_forwarding/
  • by jftuga on 5/29/23, 6:57 PM

    I wrote something tangentially related, but for single user.

    "gofwd" is a cross-platform TCP port forwarder with Duo 2FA and Geographic IP integration. Its use case is to help protect services when using a VPN is not possible. Before a connection is forwarded, the remote IP address is geographically checked against city, region (state), and/or country. Distance (in miles) can also be used. If this condition is satisfied, a Duo 2FA request can then be sent to a mobile device. The connection is only forwarded after Duo has verified the user.

    https://github.com/jftuga/gofwd

  • by UI_at_80x24 on 5/29/23, 2:20 PM

    Well bummer.

    I'll be applying for a refund.

  • by ctime on 5/29/23, 2:35 PM

    Also, does this mean they just aren’t going to allow fully routable IPv6 because of “abuse” or whatever (one of the promises of IPv6, whenever it’s realized, probably shortly before the heat death of the universe, is precisely what Mullvad claims to be the cause of trouble)?
  • by fulafel on 5/29/23, 3:03 PM

    Can you still accept incoming connections on IPs that are behind the VPN?
  • by LjutiBrk on 5/29/23, 3:59 PM

    Hide.me supports port forwarding with UPnP
  • by flangola7 on 5/29/23, 3:58 PM

    If I don't torrent, how does this affect me?
  • by jason2323 on 5/29/23, 3:07 PM

    Can someone explain to me why they need port forwarding functionality through a VPN?
  • by gigatexal on 5/29/23, 2:57 PM

    This is off topic, but how can Mullvad be a no-log VPN and still operate without impunity? What about uber-illegal stuff like CSAM or terrorist stuff etc.?