LiquidVPN Review

Let us begin our LiquidVPN review with a little history of the company.  LiquidVPN was founded in 2013 by Dave Cox, a network engineer with more than 15 years experience working in some of the most advanced private data centers in the United States.  They are not one of the oldest or largest VPN providers in the space.  Indeed, they have stated that their goal is not quantity but rather quality when it comes to expansion of their VPN network infrastructure.  They refuse to compromise when it comes to their users privacy and their security.  Therefore LiquidVPN has established a baseline set of requirements for privacy, net neutrality, usage policy, hardware, redundancy, traffic, peering, and bandwidth that data centers must meet before they will consider adding servers there.  Consequently, they are a fairly small VPN service with a small core of server clusters located in strategic places around the world.

The LiquidVPN team pride themselves on customer service stating that most queries are handled within 30 minutes unless as they put it, “the wee hours of the morning,” then it could take a few hours.  LiquidVPN is technically innovative in that it supports multiple VPN tunnel topologies including “Modulating IPs” which we will examine later.   Finally, LiquidVPN is a forward thinking service.  This is evidenced by their experimentation with the non-National Institute of Standards and Technology (NIST) encryption algorithms like Camellia-256-CBC for the OpenVPN protocol at a couple of its locations.

Pricing and Special Offers

LiquidVPN pricing structure is different than most VPNs in that they price their service on the number of simultaneous connections to their network.  They call their offerings: SideKick which allows two simultaneous connections; Road Warrior which allows four, and Ultimate which allows eight.   Like most VPN providers, they offer discounts for all of their plans if you subscribe for a longer term.  LiquidVPN offers all of their plans in two term lengths: one month and one year.

As you can see above, LiquidVPN markets their SideKick  plan for $7.00 per month and $57.00 per which means you can save $27.00 or about 32% buy signing up for a year of service.  Although the Ultimate plan has the potential to save you over 50% off the monthly price, only a small amount of power users will actually need that many simultaneous connections.  Therefore, the “sweet spot” for the LiquidVPN service seems to be the Road Warrior plan.  Signing up for a year of this package will save you $51.00 or about 42.5% of the monthly price.  Enjoy unlimited VPN with four simultaneous connections from just $5.75 per month.

The LiquidVPN service will give you unlimited access to about 44 servers in 9 different countries.  You will have access to some of the most robust encryption algorithms to protect and secure all of your Internet traffic.  You will also be able to choose from their four types of IP tunnel connections to determine your level of anonymity while surfing the Internet.   Additionally, you will have access to their private encrypted, zero-logging LiquidDNS service.  Using the LiquidDNS service will allow you to access their beta feature which will let you enjoy many different US and UK steaming services from any of their VPN locations.

LiquidVPN accepts many different payment options including Bitcoin, credit cards and PayPal.  The credit cards the accept include Visa, Mastercard, Discover American Express, JCB, EnRoute, Diners Club, Visa Debit, and Visa Electron.  Payment is in US dollars.  Paying by using Bitcoin will allow you more anonymity.

Risk Free Trial Period

Although LiquidVPN does not offer a free trial for any of their services, they do have a 7-day money back guarantee.  This will allow you time to review the service and see if it is right for you.  If you are not satisfied with their service for any reason, they will gladly refund your subscription fee within the first seven days of service.  To get a refund, you must first cancel your service and then send a ticket to the billing department.  A refund will only be granted within seven days of payment for services if you have not used an unreasonable amount of resources before requesting the refund.  This last part, “unreasonable amount of resources,” from their ToS could be made more clear.

Features of the LiquidVPN Service

LiquidVPN’s  service includes access to 44 servers in 16 cities spread across 9 different countries with access to over 2000 public IP addresses.  Those who subscribe to their VPN service will also be able to use their LiquidDNS.  LiquidDNS is LiquidVPN’s encrypted, zero log Smart DNS service.  It is a private DNS service that is 100% owned and operated by LiquidVPN and made available exclusively to LiquidVPN subscribers.  This will let you perform encrypted, zero logging search queries.  This can help guard you from unwanted marketing, government censorship of sites like Twitter and YouTube,  and malicious phishing.

Using their LiquidDNS servers for all of your Internet surfing will not only increase your privacy but will also let you access their new beta service that will let you watch streaming media from the US and the UK from any of their VPN server locations without the need to connect to a server in one of those respective countries.

Another feature that the LiquidVPN service offers is the ability to choose the type of IP connection used in the VPN tunnel connection.  The choices that you can make are as follows:

• Shared IP – general topology used by most VPNs
  • It is the default for all VPN protocols:  OpenVPN, SSTP, L2TP, PPTP
  • Connections are guarded by a Network Address Translation (NAT) firewall
  • Recommended for devices that do not have a firewall like smartphones and tablets or access at Wi-FI hot spots like your local restaurant
  • Provides some degree of anonymity because IPs are shared between other LiquidVPN users
• Public IP – provides one dynamically assigned public IP address per user session
  • Addresses go back into pool after use to be reassigned to other users
  • Recommended for day to day web surfing, P2P downloading, gaming, VOIP and other general activities.
  • Less privacy because traffic can be tracked back to the IP and only you are on it
  • Uncensored access to the open Internet with all ports but port 25 open
• Modulating IP – The public IP modulates with each new request to access an internet service… ie load a picture, changes site page, click a link, or etc.
  • Utilizes shared IPs
  • Connection is 20-40% slower than other VPN connections due to extra overhead
  • Provides the greatest anonymity as it is virtually impossible for anyone to track
  • Will not work with all sites that you may want to visit
• Dedicated IP – A public IP address is assigned to you alone and it never changes
  • Requires extra setup on your part to open and close ports
  • Provides no anonymity because the traffic can be traced directly back to public IP address that only you have access to
  • Only use if you need an IP address that does not change

The last feature of the LiquidVPN service is the excellent security provided by its encryption.  The service supports OpenVPN (UDP/TCP), SSTP, L2TP/IPsec, and PPTP protocols.   The PPTP protocol which uses 128-bit MPPE has the lowest encryption and is generally considered only useful when speed is your objective and not security or if no other protocol is available for your device.  LiquidVPN uses AES encryption for their SSTP which is mostly for Windows and can punch through most firewalls.   Their L2TP/IPsec protocol uses AES 256-bit encryption and is good for mobile devices which have built in support for it.  Finally their OpenVPN encryption implementation uses CBC 256-bit AES with 4096-bit RSA key and Camellia-256-CBC where available.  This means you will be able to find a VPN connection which fits your security needs.

LiquidVPN Network and Server Locations

LiquidVPN’s network includes access to 44 servers in 16 cities spread across 9 different countries with access to over 2000 public IP addresses.

Countries	Cities	Protocols	Log Policy
9	16	OpenVPN TCP/UDP, SSTP, L2TP/IPsec, PPTP	No Logs

The list of the countries and cities that LiquidVPN has VPN servers in is a short one and includes the following:

• Canada – Toronto, ON
• Germany – Frankfurt
• Netherlands – Alblasserdam; Amsterdam; Rotterdam
• Romania – Bucharest
• Singapore – Singapore
• Sweden – Stockholm
• Switzerland – Zurich
• United Kingdom – Manchester
• United States – Chicago, IL; Kansas City, MO; Los Angelas, CA; Manassas, VA; Miami, FL; Piscataway, NJ

Although LiquidVPN may not have the number of servers that some VPN providers do, they try to make up for it in the quality and strategic placement of the servers in their network.  Every server in their network has a dedicated 1Gbps port to provide you with one of the fastest possible connections to the Internet.  All locations in their network have servers that support shared IP addressing.  They have servers in all locations that support all of the VPN protocols: OpenVPN, SSTP, L2TP/IPsec, and PPTP.  Currently they have client software for Windows and Mac OS X.  They also have an Android app in beta.  They have guides in their knowledgebase to help subscribers manually install their service using all supported protocols on Windows, Mac OS, Linux, iOS, Android, DD-WRT routers and other devices.  In addition to these basic requirements, the LiquidVPN network offers servers that are DDoS protected to 20Gbps, servers optimized for P2P, and servers with 10Gbps ports that are strategically placed to improve their network performance.

Privacy and Security

Although LiquidVPN is based in the US, they have a strict No Log privacy policy.  They do not log any usage data from their VPN users.  They keep only the information necessary to operate their service.  In their own words:

LiquidVPN would choose to voluntarily shut down some or all of its network and relocate to another jurisdiction or close completely before allowing a violation of your privacy to occur. We will publicly announce requests for information regarding our users and the LiquidVPN network. We provide a weekly Warrant Canary guaranteeing that every request for information received has been made publicly available.

LiquidVPN does not maintain any session logs. The websites you visit and the type of data you’re sending/receiving is your business. We do not monitor this kind of traffic. Session data is never stored or recorded, your internet data and usage privacy are our paramount concern.

Their privacy policy, as well as, the transparent way that they handle request for information by publicly posting them and any action taken, is a testament to their dedication to your privacy.  Also they accept payments using Bitcoin to help you protect your privacy and anonymity even more while using their service.

LiquidVPN has also provided for the security of your internet traffic and browsing habits.  They offer support for the following VPN protocols including OpenVPN (TCP/UDP), SSTP, L2TP/IPsec and PPTP.  This can help you encrypt all of your online traffic and to secure it from prying eyes.  LiquidVPN clients use the OpenVPN protocol with CBC 256-bit AES with 4096-bit RSA key or Camellia-256-CBC ciphers which will provide you with some of the best encryption protection available in the industry.

OpenVPN is the most secure of the VPN protocols.  It is a very versatile protocol which now has support for most types of devices.  L2TP/IPsec is an excellent choice for mobile devices like iOS because most natively support it and make is easy to configure although it can be a little slower that some other protocols.  Their L2TP/IPsec implementation uses AES-256 bit.  They also offer support for SSTP which is mainly for Windows and will allow you to scale most firewalls.  Including support for the PPTP protocol which has widespread platform support, is easy to set up, and fast because of its low level encryption, allows them to support even more devices.  It is a popular choice for streaming media where security is not your greatest concern.

Providing support for four different OpenVPN tunnel topologies allows you to secure your online traffic and decide for yourself how anonymous you want to be while surfing the Internet.   Using modulating IPs can make your Internet habits virtually untraceable.  LiquidVPN has guides to help install it on many different kinds of devices using all of the protocols that they support.   They even provide guides for configuring their service with DD-WRT routers.  They even have a guide to use their service with PFSense software.

Hands-On Testing

We complete our LiquidVPN review with some hands on testing of their client software to see how easy it is to set up and use, as well as, test its overall performance.  I would like to start by saying that LiquidVPN performed well in our speed test.  LiquidVPN has custom client software for both Windows and Mac and a just released beta app for Android devices.  They provide step-by-step guides for configuring their service with various protocols on other types of devices like iOS, Android, and other mobile devices.  They also have guides for using their service with Linux and DD-WRT routers.

Connecting from Windows

LiquidVPN has a custom client for Windows that will let you connect to any server in their network using the OpenVPN protocol.  You can download the client from their website.  On installation of the client, you will see a couple of setup screens.  The first will allow you to create a desktop icon for LiquidVPN and run the client once the installation is complete.  The second will install the OpenVPN TAP driver for Windows.

If you selected run the client once installation completes you see a screenshot similar to the first one in the image above.  This is the main connection screen for the client.   Just to the right of the red Connect button is a button with the Android GPS location icon on it.  Clicking this button will display a screenshot similar to the middle one above. This is the server selection screen which lets you choose which server you want to connect to.  This screen is divided into two areas.  The first area of this screen allows you to select criteria for your server selection which includes the following:

• Region – Allows you to see all the servers in a particular region
  • Options include:  All, European Union, North America, Asia, Eastern Europe
• Protocol – Lets you choose the protocol used for your connection
  • Options include:  OpenVPN, L2TP/IPsec, SSTP, PPTP
• Topology – Lets you choose your IP connection type which lets you control the degree of your anonymity
  • Options include Shared, Public, Moulating, Dedicated
• Favorites – Lets you show only saved favorite servers

The second part of the server selection screen shows the servers which fit the chosen criteria.  Clicking on the circle arrows to the right of ping will show the latest latencies (ping) for the chosen severs in milliseconds.  Clicking on the red star across from a particular server will select that server as a favorite.  The third screenshot above shows the favorites that we have selected.  Clicking on the Florida US server named Leesin selects it.

This results in a screenshot like that shown on the far left in the illustration above.  As you can see in this screenshot, the chosen server Florida, US [Leesin] appears on the connection button below the word connect.  Clicking on this button initiates the connection process which results in the middle screenshot above with red connect button changing to the yellow connecting one.  If this is your first time connecting to the service, a window which will let you enter and save your username and password.  This will need to be completed before the connection process will start.  The screenshot to the far right shows the completed connection.   Now that we have examined how to select and connect to a server using the client software, let us take a look at the parts of the connection screen.  Examining these parts on the completed connection screenshot above, we see the following components:

• Disconnect button – Clicking this will disconnect us from the chosen server
• Server selection icon – Will reappear once we disconnect from our chosen server
• Bar graph of data transferred – Shows the upload and download speed (Mbps) of the connection and a bar graph over the session
• Current status – Disconnected or connected
• Enable/Disable liquid lock button – The Windows version of liquid lock uses the Windows Filtering Platform API to make rules to completely cut your device off from the Internet and then opens a hole to connect to a LiquidVPN servers and create an encrypted tunnel between the two locations.  This provides the ultimate kill switch since any attempt (malware, WebRTC leak, DNS leak, etc.) to circumvent the encrypted tunnel is simply dropped unless you have given it permission to bypass the firewall through the settings menu.
• Information
  • Current IP Address – IP address assigned by the server you are currently connected to
  • Timer for current session – time in seconds since the session started
  • Current topology and encryption being used in current connection – shared, OpenVPN-256 bit

Clicking on disconnect in the third screenshot above will take you back to the disconnected screenshot shone above far left.  From here you can select another server by clicking on the server selection icon as we have shown previously.  Else, you can click on the gear in the upper left menu and select settings.  This will bring up the settings menu which will allow you change how the VPN operates.  It has three tabs (from left to right):  general, advanced, and liquid lock.    The general settings tab has two sections; authentication and options.  Filling in the username and password here will save it for future server changes.  The options on the general settings tab include the following:

• Automatically connect when connection drops
• Autoconnect when LiquidVPN is started
• Launch LiquidVPN on system startup
• Minimize to tray after connecting
• Check for program updates on startup
• Disable IPv6

The second tab on the settings menu is the advanced tab (shown middle image above).  The advanced tab has two sections.  The first of which is the openVPN section which include the following two options:

• OpenVPN protocol – Will let you change the protocol from UDP to TCP
  • UDP – User Datagram Protocol is the default and fastest protocol
    • Parity error checking is optional.
    • It does not guarantee that all packets will be delivered or the order they arrive in.
  • TCP – Transport Control Protocol (Slower than TCP protocol)
    • It guarantees that the data will be delivered and that it will be received in the order it was sent.
    • TCP is useful in some cases when you want to mimic HTTPS traffic.
• Port – Lets you choose different ports for your traffic
  • Port options:  Automatic (chosen for you), 53, 118, 123, 443, 921, 1194, 9201
    • Changing ports may help if you are having connection issues
    • Selecting the TCP protocol and port 443 will allow you to simulate HTTPS traffic

The second section on the advanced tab allows you to manually set your Domain Name Server (DNS).  You should leave this to automatic if you intend to use the LiquidDNS service offered by LiquidVPN.   You should only change this if you understand what you are doing as it could stop you from being able to access the Internet if you enter the wrong value.

The Last image above allows you to determine what traffic is allowed to flow when liquid lock is enabled,.  Their is a checkbox to allow Local Area Network (LAN) traffic and a place to manually add or remove IP addresses that can run while liquid lock is enabled.

Connect with the Mac Client

Just like the Windows custom software, the LiquidVPN client for Mac can be downloaded from their website.  Their mac client has similar features to the Windows one.  It is easy to download and install.  It is meant to run on Mac OS X 10.7 and higher.   They make it one-click easy to download and install their Mac client.  It has the same liquid lock feature to lock down your VPN which uses the universally accepted PF rules built into OS X above Lion.  It has many of the same features as their Windows client.   In addition to their custom VPN client, LiquidVPN also has guides to manually configure Mac OS X for Tunnelblick, PPTP, and L2TP.

Connect from iPhone or iPad

LiquidVPN does not have an iOS app but they support all the devices (iPhone, iPad, iPod Touch).  iOS natively supports L2TP/IPsec on VPNs.  LiquidVPN has guides for configuring iOS devices using PPTP, L2TP/IPsec, and OpenVPN protocols with their service.  Below is a generic guide to illustrate how to set up L2TP/IPsec for LiquidVPN.

L2TP/IPsec simplified manual set up for iOS:

1. Click on “Settings” and then click on “General“.
2. Scroll down and select “VPN“
3. Tap “Add VPN Configuration“
4. Select L2TP
   1. Enter a description like LiquidVPN connection
   2. In the “Server” field type the server address of a LiquidVPN server.  You can find the server addresses by logging into the client area of their website.
   3. Enter your username and password for the VPN note: this is different than your site login and was provided to you by the LiquidVPN staff in your welcoming sign up email.
   4. You can get the Secret value to enter into this field by logging into their client area.
   5. Make sure “Send All Traffic” is enabled.
   6. Tap “Save”.
5. Toggle the VPN “ON” to test your connection

Connect an Android Device

LiquidVPN has a beta app for Android devices that has just been recently released.  This app provides the same ease of use to Android users that the Windows client has.  Below is a illustration showing some screenshots from the Android app.  The first screen shows the authentication where you enter your username, password (received in your welcoming email), click remember me, and hit next. This saves your credentials for easier future server changes.  The selection screen is shown in the other two screenshots.  Similarly to the Windows client, You can choose the region, topology, and protocol for the connection.  Notice different servers are shown for the two protocols TCP and UPD in the below screenshots.  You can also look at the latest ping values to help you determine the fastest server to connect to.

Although the LiquidVPN app is still in beta, it looks similar to the their other clients and will make it easy for you to use their service to connect, disconnect, and change servers on their network.  If you are familiar with their windows client, you will easily be able to recognize and use their Android app.

LiquidVPN Speed Test

LiquidVPN did well in our speed test.  The speed of their server in Miami, FL was excellent.  You should be happy with the speed of their network for most applications based on our testing.  This test was run using the LiquidVPN Windows client using the default OpenVPN (UDP) protocol which utilizes the AES 256-bit CBC cipher for encryption of your Internet traffic.

As you can see there was a 12.9% difference in speed between the connection directly to our ISP and the connection to a server in Miami, FL.  As expected their is some loss in connection speed but it is well worth the for the extra security provided by this level of encryption.  With a speed of just over 48 Mbps, you should be happy with the performance of the LiquidVPN service for all your Internet needs.

LiquidVPN Review: Conclusion

Although LiquidVPN has been in the privacy space for only a short time, about two years,  it has built a good reputation for the service they offer by paying attention to their customers.  Their network is not one of the biggest but what they lack in quantity, they make up for in quality.  All of their servers have at least 1 Gbps ports with some having 10Gbps, they have 20Gbps DDoS protection on some of their servers, and most of their servers are optimized for P2P traffic.  They have 44 servers in 16 cities spread across 9 different countries with access to over 2000 public IP addresses.  Their no log policy, the transparent way they handle request for information, and their support for payments using the crypto-currency Bitcoin shows that they take their members privacy seriously.

LiquidVPN supports OpenVPN (TCP/UDP), L2TP/IPsec, SSTP, and PPTP protocols which makes their service compatible with mobile devices and even some routers.  They have custom client software for Windows and Mac OS X and a beta app for Android devices.  The have step-by-step installation guides to help their users configure their service with various protocols on Windows, Mac OS, Linux, iOS, Android, DD-WRT routers and other devices.

What I liked most about the service:

• Custom software for Windows and Mac
• New beta app for Android
• No-log policy
• Modulating IP topology to make you more anonymous
• More anonymous ways to pay like Bitcoin
• Experimentation with non-NIST encryption by  using Camellia-256-CBC on a couple of servers

Ideas to improve the service:

• App for iOS devices
• A clearer guarantee with excessive use defined
• Better website navigation

You can use the LiquidVPN service to conduct you daily surfing, your online banking, enjoy your favorite streaming media, keep your traffic secure when using public Wi-Fi networks, or overcome censorship from your local government.  It should be suitable for all of your Internet needs.  Take their service for a test drive and see for yourself.  They offer a 7-day money back guarantee.  This will allow time to review their service and see if it suits your needs.  If you enjoy their VPN, you can sign up for unlimited access with four connections from just $5.75 a month.