Digital Snorkel (logo)
  Log in   Sign up

Your own private VPN server

  Frustrate mass surveillance. Escape snooping ISPs.

We have a Plan

It’s £7.50/month, including VAT. You can cancel any time.

  Sign up now

£1/month of your subscription goes straight to organisations that exist to defend your digital security and civil rights: Let’s Encrypt, the Electronic Frontier Foundation, Open Rights Group, American Civil Liberties Union and Liberty.

You need this

A VPN keeps your data safe from your ISP and others. It encrypts all data leaving your device (the VPN client) and decrypts it at another location (the VPN server) for onward transmission over the public Internet. You need a VPN because …


Mass surveillance  UK ISPs must now log every site you visit, keep the logs for 12 months, and deliver them to 48 different Government bodies on demand. A VPN frustrates this.  Learn more »

Snoopers and hackers  Public WiFi is wide open. In coffee shops, libraries, airports and beyond, people on the same WiFi can see what you’re doing and maybe hack in. A VPN prevents that.  Learn more »


Your data for sale  US ISPs can now sell your browsing history, location and other personal data to marketers and others without your consent. A VPN keeps most of your data out of their hands.  Learn more »

Blocking, monitoring, shaping  Governments and ISPs around the world block, monitor and traffic-shape a wide range of websites and Internet services. A VPN gets around these measures.

“But I’ve nothing to hide, so I’ve nothing to fear, right?” Wrong. Learn more »

We're the good guys

Digital Snorkel is a normal UK company. We pay our taxes and contribute to good causes. We’re run by economist/technologist Dr George MacKerron.

Our main motivation is to help you protect your privacy. This is a public good as well as a private one. The more people use a VPN to bypass mass surveillance, the less effective — and less defensible — mass surveillance becomes.

We aim to provide a service that’s straightforward and transparent: no snake-oil and nothing shady. Trail of Bits has a damning write-up on commercial VPN services. Our service has a clean bill of health on every problem they list (except, inevitably, that we’re a third party you have to trust).

The closest thing to running your own VPN
without actually running your own VPN


Afraid so — we need these to comply with our UK/EU tax obligations.

We’ll resist the spooks as far as we reasonably and legally can, but at the end of the day we have to comply with UK law.

Let’s back up a bit. There are really good and really bad reasons why you might be trying to keep the police or security sevices off your tail. Maybe you’re a journalist or whistleblower under an oppressive regime (we salute you). Maybe you’re making money from other people’s intellectual property … or worse (please stop). Either way, this is likely not the service for you.

This service can, we think, give you some protection from indiscriminate bulk data collection, and from opportunistic hackers on the same Internet connection. We think that’s valuable. On the other hand it can’t do much in the face of demands from the police or security services, backed up by force of law. Nor can it defend you very far against even a moderately-resourced adversary who’s specifically interested in you. (In these cases: think about Tor, do a lot of research, and have a very good Plan B).

Also, don’t forget that there are countries where merely using a VPN service — which is not difficult for people to detect — can get you in serious trouble.

See also the next answer.

Good spot. But, in fact, there are exceptions for ‘small’ businesses (< 400K subscribers) in the Internet Connection Records provisions of the Investigatory Powers Act. And in any case the Government would first of all have to ask us to collect these logs.

It is possible that we could be asked, and in that case we wouldn’t be allowed to tell anyone that we had been asked. But we promise that we will never indiscriminately log all users’ traffic. That would destroy our whole reason for being. If it comes down to a choice between doing so or shutting the service down, we will shut the service down.

On a related note, we reserve the right to shut down any and all accounts at any time, without giving a reason. It might be that we’ve been asked to compromise on our core purpose, or it might be something else. Whatever the reason, if that happens, we’ll give you a pro-rata refund.

No reason — please do! If you’re confident setting up DNS records and doing some basic system admin then you can run the same VPN software we use, on your own VPS. We suggest Algo, or our own strongSwan configuration script (since 2015). Please make sure you keep it all updated and secured, though.

We’re currently running the system-provided strongSwan on Ubuntu Server 17.04 — our strongSwan configuration script is a good guide for more details.

Hosting providers are subject to change, but we are currently on VPS hosts from OVH — they have reasonably reliable networking and unlimited traffic at an affordable rate.

Netflix specifically has a very aggressive VPN policy, and you will probably have to disconnect from our service in order to watch it. Other services may or may not work, but this does not form part of our offer.

On iOS and Mac, yes, this is fall-off-a-log easy via Connect on demand, and probably what you want. We’ll show you how to do it. The downside is that your phone or laptop will need charging a bit more often.

On Windows and Android … not so much.

Sure you can. There's an overall limit of 255 devices.

Not for now, no.

Sticking with IPv4 gives our VPN connections a better chance of making it through restrictive firewalls (since you asked: it allows us to force UDP encapsulation for ESP packets even where there is no NAT in operation).

Some other commercial VPN services offer a long menu of different VPN technologies. Most of these are slow and/or insecure. We aim for simplicity and security, and that means we only offer one: IKEv2.

IKEv2 has some key advantages over other VPN options:

  • It's secure.
  • It's now widely supported — there are built-in clients on Mac, iOS and Windows, so there's no third party software to trust, install, or slow your machine down. And, in strongSwan, there's a good open-source client for Android.
  • It's stable, with mobility features for smartphones switching between mobile networks and WiFi (MOBIKE).
  • It's fast.
  • On Mac and iOS, Connection on demand is supported, meaning you can use it for all traffic at all times.

The other serious contender would be OpenVPN. OpenVPN has the advantage of making it through very restrictive firewalls, if configured to use TCP on port 443 (mimicking https). On the other hand, this TCP-over-TCP setup doesn't work very well, and OpenVPN lacks several of the other advantages of IKEv2 listed above.

No, but you can install the open-source strongSwan client direct from the Play Store.

This is the same software that runs on your VPN server with us, so it doesn’t mean extending your trust to any additional third parties.

At present, no.

Generally, no.

Mac, iOS and Windows all let you enter IKEv2 VPN details through their Settings or System Preferences apps. But in all cases a VPN you set up in this way is limited to broken encryption algorithms. To configure tolerably strong algorithms — and the option of on-demand connections on Apple devices — you need to use our .mobileprovision XML file (Mac, iOS) or PowerShell script (Windows). These are both simple text files.

Since we configure our servers to accept only tolerably secure algorithms, a GUI-initiated connection simply won’t work.

We’ll give you full instructions, but sorry, we can’t provide one-to-one technical support for connection problems.

We suggest you make us of our test connection server before signing up, from all devices you want to use, so you can see that you’re going to be able to make this work. As a last resort, you can close your account for a full pro-rata refund.

We'd love to hear from you

Anything we haven’t covered? Please do get in touch. Email

  Sign up now