The use of VPNs is currently banned in China. Discover how to access popular websites with Fortinet and how the Fortinet VPN ensures access despite the Chinese VPN ban.
How to Bypass the VPN Ban in China Using the FortiClient VPN
Virtual private networks (VPNs) are central tools in the Chinese government’s use of global connectivity and secured communications to achieve cyber sovereignty. They are also key to Chinese organizations securing their data and communicating with their foreign headquarters.
As a result, the Chinese government has established “the Great Firewall,” a censorship system that blocks the use of VPNs to prevent interference with its communications and internet connections. The firewall blocks popular internet services and websites to preserve its “state sovereignty” and protect its citizens from cybercriminals and dangerous online activity and content.
Over 20,000 websites are known to have been blocked by the Great Firewall, which acts as the Chinese government’s censorship tool to control which websites its citizens can have access to. These include genuine news websites like The Guardian and New York Times, as well as global social media sites.
However, several legal VPN providers in China enablefor state enterprises like banks and law firms to bypass the Great Firewall, albeit for generous fees. Foreign nationals living in China can also get around the VPN ban by using a tool like the Fortinet VPN.
VPN Ban in China
The Chinese government began banning VPN providers in early 2015 when an update to its Great Firewall made it difficult or impossible to access Astrill, Golden Frog, and StrongVPN, which are three of the most popular VPN services among Chinese people.
In March 2018, the Chinese government made a further attempt to ban VPNs and prevent people from bypassing its Great Firewall. That is in addition to major websites like Facebook, Google, and Twitter having been banned in China for many years to protect its “cyber sovereignty.”
The Chinese government specifically blocked unlicensed VPN services, which means only VPNs that have been officially licensed by the government can operate in the country. As a result, Android and Apple app stores in the country were asked to remove VPN applications and prevent users from downloading them. That is on top of blocking most social networking sites to prevent political discussion and unrest, in addition to popular media websites, productivity apps and work tools, and search engines.
Aside from blocking VPNs and VPN servers, the Chinese government also uses tools like Uniform Resource Locator (URL) filtering, which blocks specific websites or keywords. It also deploys the Domain Name System (DNS) poisoning, which puts websites out of users’ reach, port blocking, and deep packet inspection to restrict internet activity.
Furthermore, the Chinese government issued an order for three of its state-run phone networks, China Mobile, China Telecom, and China Unicorn, which have almost 1.4 billion customers combined, to ban companies operating without a leased internet connection.
These factors combined make communication, daily life, and work incredibly difficult for foreign nationals based in China. It has a major impact on the ability of academics and students, business executives, and software developers to study, get their work done, and communicate with their colleagues, families, and friends in other countries.
Why Is It Illegal to Use a VPN in China?
The VPN ban originally occurred when the country’s ruling political party attempted to clamp down on corruption by leading officials. It attempted to stop the spread of political rumors and prevent discussion of China’s high political issues from being shared outside of the country.
The Chinese government believes wide internet usage disrupts its cyber sovereignty within state borders. As a result, it blocked VPN usage to prevent people and organizations from circumventing its censorship scheme.
Another key purpose of the VPN ban was to ensure that foreign organizations wanting to create private cross-border communications had to set up a dedicated line, which they could lease from China’s telecommunications bureau.
How To Configure the FortiGate FortiClient VPN
The FortiGate FortiClient can be installed and configured using the processes outlined below.
Steps To Install and Set Up the FortiClient VPN from China
The FortiGate FortiClient VPN is a tool that enables Windows users to bypass the Chinese government’s ban on VPNs. It enables users to access the resources they require while in China. Install the FortiClient VPN using this process:
Step 1: Register to use the FortiGate FortiClient VPN.
Step 2: Ensure the device being used has the latest operating system (OS) and has all the latest OS updates installed. Also ensure all security fixes have been updated, in addition to installing antivirus or anti-malware software on the device.
Step 3: Download the FortiClient VPN application at the FortiClient download page.
Step 4: The FortiClientVPNOnlineInstaller_6.4.exe download will appear in the web browser. Double-click on it. Read the license agreement, and if happy to proceed, select “Yes,” then click “Next.”
Step 5: An installation location prompt will pop up on the screen. Install the FortiClient application to the default destination folder C:\Program Files\Fortinet\FortiClient.
Step 6: Select “Install” when the Ready To Install pop-up prompt appears on the screen. Once complete, select “Finish.”
Step 7: Launch the FortiClient VPN application from the Start menu.
The VPN ban in China means that only registered services can be used in the country. Anyone wanting to access blocked sites in China needs to register for a capable VPN service, such as FortiClient VPN.
Accessing popular VPN services is reliant on keeping the application updated, switching on any stealth options available through the VPN, as well as changing connection protocols and server locations. VPN performance may also be affected by slow internet speeds, depending on the user’s location in China.
Fortinet VPN Installation and Configuration
With the FortiClient VPN application installed, the next step is to configure the secure socket layer (SSL) VPN connection, which provides the secure remote access capability using the SSL function built into web browsers. When the FortiClient VPN application launches, it will provide a range of options to set it up. Follow this process to configure the SSL VPN connection:
Step 1: Set the VPN as “SSL-VPN.”
Step 2: Set the appropriate connection name.
Step 3: Set the description to something appropriate, such as “SSL VPN Connection from China.”
Step 4: In the remote gateway field, enter the information for the nearest location or a common location, such as Shanghai: 126.96.36.199 or Shenzhen: 188.8.131.52.
Step 5: Select the “Customize port” option and enter an appropriate port. The two most popular ports are port 80, which is used by decoded Hypertext Transfer Protocol (HTTP) movement, and port 443, which is used encoded by HTTP Secure (HTTPS) traffic.
Step 6: Ensure all other elements have their default settings, including:
- Enable single sign-on (SSO) for the VPN tunnel (remains unticked).
- Client certificate remains set to “None.”
- Authentication remains set to “Prompt on login.”
- Do not enable “Warn Invalid Server Certificate” (remains unticked).
Step 7: Select “Save” to lock in the configuration settings.
Step 8: Select the VPN connection name created in Step 2 from the “VPN Name” option.
Step 9: Enter a VPN username and password and select “Connect.”
Step 10: When the VPN connection is no longer required, open the VPN Connected window and select “Disconnect.”
Advantages of Using the Fortinet VPN
The Fortinet VPN provides a range of high-performance and scalable crypto VPNs that protect users from cyberattacks and secure data in motion. Its VPN technology ensures secure communications across multiple endpoints and networks through Internet Protocol security (IPSec) and SSL technologies.
Fortinet VPNs use hardware-assisted encryption to prevent data breaches and secure data transfers at high speed. The VPNs are integrated with the Fortinet Security Fabric, which secures access to networks while ensuring high performance for users. This guarantees secure application-to-application, machine-to-machine, user-to-machine, and user-to-user communication.
FortiClient brings together a wide range of technologies that enable users to securely access the internet remotely using a VPN. This includes an antivirus solution, an application firewall, anti-exploit tools, two-factor authentication (2FA), vulnerability scans, and web filtering, which controls the content that users can access when they go online.
Benefits of Using the Fortinet VPN from China
The Fortinet FortiClient VPN enables users to access sites that have been blocked by the Chinese government, such as social networking pages and popular news websites. It also enables employees or organizations located in China to use the productivity tools they require to communicate with their colleagues and get their work done.
The FortiClient VPN version 6.4 is available on the following devices:
- Android 4.1 or higher
- Apple iOS 9.0.0 or higher
- Google Chromebook or Google Chrome browsers
- Mac OSX v10.12 Sierra or higher
- Windows 7, 8.1, or 10, in 32- or 64-bit
- Windows 10 and Windows Phone 10 apps
Download the FortiClient VPN to bypass the VPN ban implemented by the Chinese government, and access popular news websites, productivity tools, and social networking sites.