VPN.ac Review and Test Results 2017
VPN.ac is a smaller VPN service based in Romania that was created by a team of network security professionals. Their apps are stable and include excellent privacy and security features. VPN.ac’s server network consists entirely of dedicated premium servers which provide you with fast speeds and reliability.
Despite being a lesser-known VPN service, VPN.ac is an excellent choice for privacy and security-focused users. While the minimal connection logs are a minor drawback, all data is erased on a daily basis. Overall, VPN.ac performed very well in all testing for this review and earned a strong recommendation.
- Highest security standards for VPN server network (dedicated premium servers, with self-hosted encrypted DNS)
- Excellent speeds with plenty of available bandwidth at all times
- Multi-hop (double VPN) server configurations available
- Great obfuscation features with many different encryption options
- Professional and prompt tech support (no “cut and paste” answers)
- Low price for a very advanced VPN (good value)
- Minimal connection logs (no activity, erased daily)
Passed all tests.
VPN.ac offers four different pricing tiers, with the lowest price being for the annual plan at $4.80 per month.
VPN.ac offers many payment methods, including anonymous payment options, such as Bitcoin and various gift cards:
- Credit cards
- 100+ US gift cards
- Mobile/SMS options and more…
Refund Policy – VPN.ac offers a 7 day money-back guarantee refund policy, without any tricks or hidden bandwidth clauses.
Company information and jurisdiction
VPN.ac is a product of Netsec Interactive Solutions, an IT security company established in Romania in 2009. According to their website, all of the founding team members have extensive experience in IT security, providing solutions for military, banks, and other public institutions.
Jurisdiction – VPN.ac is based in Romania, which is an excellent privacy jurisdiction. Romania is not a member of the 14 eyes spying alliance or a close ally of major spying regimes. Private data is also protected in Romania, with data retention being officially declared unconstitutional by the Romania Constitutional Court in 2014.
Platforms and applications
VPN.ac supports many different devices and platforms. They offer applications for Windows, Mac OS, iOS, and Android. Their website also includes clear instructions for other devices, including Linux and router guides.
If you are interested in using a VPN on a router, VPN.ac is a solid choice because their premium network offers plenty of bandwidth, high security, and excellent speeds.
I tested VPN.ac out with an Asus router and found it to work well. See this step-by-step guide for getting VPN.ac setup on an Asus router.
Application test results
The test results for both the Windows and Mac OS clients were excellent.
There were no crashes, bugs, or any problems to report.
Here’s the VPN.ac Windows client, which shows the basic features and layout under the “Main” tab.
Within the main features screen, it’s easy to switch server locations, VPN encryption protocols and ports.
Double-hop VPN feature – One excellent privacy feature is the ability to utilize a “Double-Hop” server setup. This allows you to use an encrypted VPN tunnel across two different locations, before your internet traffic leaves the VPN. There are currently 18 double-hop options, with more on the way.
Utilizing multi-hop VPN configurations is one of the one of the best ways to increase your online anonymity and protect yourself from targeted surveillance.
To connect quickly to a server without opening the application, you can just click the VPN.ac icon and select a location.
VPN.ac offers six different encryption options. This allows you to select the encryption strength depending upon how much privacy and security you want.
The default encryption protocol is OpenVPN ECC – ECC stands for Elliptic Curve Cryptography. This provides a good combination of speed and security. The VPN.ac website further explains explains their different encryption options:
- PPTP: 128-bit MPPE (keep in mind that the protocol itself is broken so the encryption is pretty much useless per se)
- L2TP/IPSec: 256-bit AES and RSA-2048 (with Maximum Strength Encryption enabled in manual setup or with our software)
- OpenVPN 128-bit BF: 128-bit BF-CBC for data channel, RSA 2048 for keys and SHA1 HMAC (preferably to be used only on devices that do not currently support AES/custom OpenVPN settings, e.g. Synology NAS)
- OpenVPN 128-bit AES: 128-bit AES-CBC for data channel, RSA 4096 for keys and SHA256 HMAC
- OpenVPN 256-bit: 256-bit AES-CBC for data channel, RSA 4096 for keys and SHA512 HMAC
- OpenVPN ECC: 128-bit AES-CBC for data channel, Elliptic Curve using curve secp256k1 for keys and SHA512 HMAC
- OpenVPN XOR: 128-bit AES-CBC for data channel, RSA 4096 for keys and SHA512 HMAC
Optimize performance – Having different encryption options helps you to optimize performance with your VPN. Testing out different encryption protocols and ports is a good idea if you are in an area where VPN use is restricted.
Obfuscation features to defeat VPN blocking
VPN.ac offers many benefits if you’re in a location where VPNs are being blocked. This is becoming increasingly common in various countries, as well as with schools, work networks, and even some internet service providers.
VPN.ac offers a variety of obfuscation features to defeat VPN blocks. These include the OpenVPN XOR and OpenVPN ECC encryption protocols, port configuration options, and specific servers to evade blocking.
Based on my research, VPN.ac is one of the best options for people in China, where VPNs are routinely blocked.
The one drawback in terms of privacy is that VPN.ac keeps connection logs. Here’s the exact explanation on logs from the VPN.AC website:
Do you log/monitor my activity? What logs do you keep on servers?
No, we do not log/monitor any kind of user activity such as visited web-sites, emails, files transferred, instant messages, DNS queries etc.
We do, however, keep some connection logs (to our VPN service) for security and support purposes. These are kept on a separate, encrypted server (located in an undisclosed location) and are automatically erased on a daily basis. We don’t keep any logs on servers, not even common Linux daemon logs.
Keeping these logs also help us in identifying potential attacks against our service, such as brute-force and even some MiTM attack vectors.
Overall this isn’t too concerning in my opinion. I like how they are being honest and transparent about their policies.
Nonetheless, if you’re looking for a strictly no logs VPN service there are a few good alternatives:
- Perfect Privacy (€8.95; based in Switzerland) – read review
- VPNArea ($4.92; based in Bulgaria) – read review
- ZorroVPN ($8.90 with discount; based in Seychelles) – read review
VPN.ac’s server network is both secure and fast. One of the biggest issues affecting VPN speed is the number of people using the VPN server at a given time. Many VPNs oversell their services, resulting in slow speeds and dropped connections.
You can clearly see this is not the case with VPN.ac by looking at their server network bandwidth stats in real time. Simply select “VPN Nodes Status” at the top of their website.
As a regular VPN.ac user, I have yet to find their servers overloaded with users. Here is a screenshot I took illustrating bandwidth at various server locations.
No virtual private servers (VPS) – Another important aspect when examining VPN servers is whether they’re using virtual private servers, or dedicated (bare metal) servers for their VPN nodes. Here is VPN.ac’s server explanation from the website:
We use dedicated servers on our VPN nodes, mostly consisting of powerful E3 and E5 Xeons with hardware AES crypto acceleration. Running VPN gateways on VPS/cloud instances is a security risk. Moreover, running VPN nodes on dedicated hardware can be as 10x or even 20x times more expensive than running on virtual servers, hence the reason why we don’t advertise ‘hundreds’ of locations but focus on fewer, where security is done properly and the bandwidth capacity is enough to ensure a fast and reliable service.
The security and privacy benefits of using dedicated servers cannot be overstated.
No fake server locations – I also tested a number of VPN.ac servers to verify their true locations. Every server I tested checked out. (Many of the larger VPN providers utilize fake (fictitious) server locations. See this article for an overview of this topic.)
Speed and reliability test results
VPN.ac offers great speeds. I can regularly get around 100 Mbps with nearby servers. Here is a recent speed test with VPN.ac’s Amsterdam server:
Here is a speed test using VPN.ac’s London server (which is further away from my location):
Reliability testing – In terms of overall reliability, VPN.ac also performed well:
- Connecting to different VPN servers was always fast and simple (no timed out connection problems).
- Speeds were consistently fast without any dropped connections.
- The applications and features worked without any glitches or problems to report.
VPN.ac does well in the performance category.
Privacy and security test results
In terms of privacy and security, VPN.ac again does well.
As you can see with the VPN.ac Windows client below, they have all the basic privacy and security features you need.
You can read more about the VPN.ac privacy and security features on the website.
I used a variety of different tests to check for IP leaks, DNS leaks, and WebRTC leaks, which are all explained in detail here.
The results were perfect: no leaks were found.
The result below is from one of their Netherlands VPN servers.
DNS leak protection – VPN.ac also does a great job of ensuring there are no DNS leaks by using property DNS resolvers. From the their website:
We protect DNS queries against MitM hijacking and snooping, wiretapping. We have our own, private DNS resolvers outside of US and UK. All DNS queries sent by VPN users are forwarded by our VPN servers to the private resolvers, through encrypted tunnels.
We are using an unique and clever way to overcome this risk [of 3rd party DNS resolver monitoring], by running a query generator service on each DNS resolver. Specifically, We are generating over 10 million DNS queries to existing domains each day. Those queries are generated randomly, at a high rate, and are mixed with the DNS queries of our customers. Basically, we are generating “noise” and it’s virtually impossible to match a user’s DNS queries within the “flood” of queries sent by us to DNS root servers directly. Therefore, if a 3rd party is ever going to wiretap our DNS resolvers, it will be totally ineffective.
And the DNS leak testing results: no leaks.
The result below is from testing one of their Netherlands servers using the Perfect Privacy DNS leak test:
Conclusion on privacy security features: excellent.
Website and support
The VPN.ac website is informative and straight-forward. It includes:
- Useful VPN information
- Privacy and security tips
- Server status page
- Detailed setup tutorials for different devices and platforms
They are also currently offering a discounted one week trial, which you can find on the website under the FAQ section.
Support – The support team is also top-notch based on all my interactions. They do not outsource support and handle all requests internally with their own professional staff.
Support is offered through tickets (email), and reply times were fast with all my inquiries (usually same day).
VPN.ac Review Conclusion: Recommended
VPN.ac may just be one of the best-kept secrets in the VPN market. As a smaller provider that puts minimal emphasis on marketing, it goes largely unnoticed. Nonetheless, it excelled in all testing for this review and offers many benefits in terms of privacy and security. Based on the overall performance and testing results, VPN.ac remains one of the top recommendations on RestorePrivacy.
If you are looking for a high-quality VPN service with excellent overall performance, strong privacy features, and tough encryption, VPN.ac is worth consideration.