VPN Provider with OpenVPN access – check your DNS settings to avoid DNS leaks!

You have bought a VPN account at one of the major VPN providers, e.g. because you have a second residence in another country. You may even have dual citizenship.
Let us assume that you are abroad and want to work with web services offered in your home country for its citizens.

You are abroad, but electronically you may need to operate as if you were located in your home country. There are a lot of services which check the geolocation of your IP and only serve you if you call from “inside” the country, i.e. if the IP is located there.

Besides protecting your interaction with international web services and communicating encrypted via VPN servers, getting a local IP in your home country is a further aspect of what VPNs may be good for …

Some VPN providers give Linux users the option to connect to their service via OpenVPN. On Linux the connection is then made via a tun device which redirects your traffic. Regarding your IP, you then get what you want: an IP in your home country. But you may still experience problems with some web services there.

So, a big question may come up:

You use a VPN service on a Linux system via an OpenVPN connection to a server of the VPN provider in a target country. How could a web service provider in the target country still find out in which country your real location might be?

A typical problem is DNS. Let us assume that, knowingly or unknowingly, you have configured DNS at your location abroad to use a server located there. The network you are connected to may have automatically defined a DNS server for you. Other situations are: your local “bind” configuration may address defined forwarders (= named domain) for a DNS service. Or you may use fixed DNS server addresses which have found a place in your “/etc/resolv.conf”. In all those cases the DNS server you access may be in a country other than the target country of your OpenVPN connection to a server of your VPN provider.

Let us assume that you are Swedish, that you are staying in a hotel in Germany because of work you do there, and that you have set up a resolv.conf such that you use a German DNS server. The result would be that your OpenVPN connection might get you a Swedish IP address (assigned to the VPN server), but all your DNS requests might still be answered by a German DNS server.

Now, a clever programmer of a web service offered in your target country (i.e. where your VPN server forwards your web requests) might have built a clever REST/Ajax based sub-routine which requires you as the web client to use DNS to resolve a certain secondary server address (owned by the web service provider) during connection setup. This may enable the web service provider to check submitted references to the DNS server you used. I omit details of the analysis process in this post. The result would be a so-called “DNS leak”, which might stop the desired service in the target country of your VPN connection from working, simply because the DNS server is not located there.

Some companies use such an indirect DNS evaluation as an element of security and protection. The laptops and smartphones of their employees are configured to use certain well-defined, sometimes company-owned DNS servers. Any deviation from the allowed DNS servers might be detected via complex Ajax tools encapsulated in the client applications requesting the connection, or during some special first stages of a browser/server interaction, and via secondary company-owned systems addressed in the process. The connection attempt would then be blocked. Or the sender of the request would be redirected to a honeypot.

The conclusion is:
Using an OpenVPN connection to a server of a VPN provider in a target country (e.g. your home country) may not be sufficient to use some services there that are offered only to local residents. You should also take care of the DNS servers you use and find an open DNS server in the target country, too. On a Linux system you may need to specifically configure your local DNS settings, e.g. via appropriate entries in the “/etc/resolv.conf”.
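
To see which DNS servers your system would actually ask, the following added example (not code from this post) lists the nameserver entries of a resolv.conf and flags each one as reached through the tun device, reached outside it, or hidden behind a local resolver such as bind with forwarders. The interface name tun0, the sample file content and the sample `ip route get` output are constructed assumptions.

```python
import ipaddress
import subprocess

# Constructed sample inputs (not taken from a real host).
SAMPLE_RESOLV_CONF = """\
# hotel DHCP resolver, local bind (forwarders!), resolver pushed by the VPN
search hotel.example
nameserver 192.0.2.53
nameserver 127.0.0.1
nameserver 10.8.0.1
"""
SAMPLE_ROUTES = {
    "192.0.2.53": "192.0.2.53 via 192.168.1.1 dev wlan0 src 192.168.1.23 uid 1000",
    "10.8.0.1": "10.8.0.1 dev tun0 src 10.8.0.6 uid 1000",
}

def parse_nameservers(text):
    """Return the nameserver addresses from resolv.conf text, in file order."""
    servers = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def route_device(ip_route_output):
    """Extract the egress interface from `ip route get ADDR` output."""
    tokens = (ip_route_output or "").split()
    return tokens[tokens.index("dev") + 1] if "dev" in tokens[:-1] else None

def system_route(addr):
    """Ask the kernel which route it would pick for addr (Linux, iproute2)."""
    return subprocess.run(["ip", "route", "get", addr],
                          capture_output=True, text=True).stdout

def classify(resolv_text, lookup=system_route, vpn_dev="tun0"):
    """Map each configured resolver to local-resolver / via-tunnel / outside-tunnel."""
    verdicts = {}
    for addr in parse_nameservers(resolv_text):
        if ipaddress.ip_address(addr.split("%")[0]).is_loopback:
            # Real upstream is hidden: check bind forwarders or the stub's upstream.
            verdicts[addr] = "local-resolver"
        elif route_device(lookup(addr)) == vpn_dev:
            verdicts[addr] = "via-tunnel"
        else:
            verdicts[addr] = "outside-tunnel"
    return verdicts

if __name__ == "__main__":
    for addr, verdict in classify(SAMPLE_RESOLV_CONF, SAMPLE_ROUTES.get).items():
        print(f"{addr:15} {verdict}")
```

On a real system, call `classify(open("/etc/resolv.conf").read())` while the VPN is up. A "via-tunnel" verdict only says how the query travels; where the DNS server itself is located still has to match the target country.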

Legal aspects: I strongly advise you to first check whether using a web service in some target country via a server of a VPN provider is legal. For citizens accessing such services in their home country from abroad this is often true. But you should, of course, verify compliance with the legal rules for your specific situation.