No geoblock VPN for Korean streaming! (Wavve, Tving, Coupang Play, Naver TV, Afreeca, Disney)

For 5 years, I tried to get a VPN that has no geoblock, is cheap, and is fast enough for me to watch Korean national team football matches/Olympics/Asian Games/etc. on Korean streaming sites. Recently, I've added live TV streaming, K-drama VODs, and anime to the mix so my demands are way up.

Nothing worked. I mean, they'd sometimes be somewhat watchable at 240p-720p, until 10 minutes before the game. Then it'd all go to complete shit from there, leaving me with significantly elevated blood pressure and no game to watch. The worst times were when I'd stay up or wake up for it and still not get anything, or when a specific company would buy up full streaming rights and it turns out they geo-block my provider.

My ISPs aren't great so YMMV, but if you're in the same boat as me, this post is for you! Save hundreds of dollars and even more hair follicles!

Fails: Cyberghost VPN, Windscribe, NordVPN, KeepSolid, Ra4wVPN, VyprVPN, FastestVPN

Half-fails: PureVPN (somewhat shitty/somewhat okay speed, some geoblock), Vultr (don't remember speed, lots of geoblock), Amazon Lightsail $3.50 tier (very up and down speed, almost-but-not-quite success on geoblock)

Almost-success, found in the last 1-2 years
Express VPN: best speeds among common providers (240p-1080p), almost-but-not-quite success on geoblock
Mudfish VPN: bigger focus on games but works for streaming; depending on which server you choose you could have both fast speeds AND no geoblock, but bandwidth is like $0.11/GB and you pay for both inbound and outbound, so it's actually double that

Finally, success: Any provider running off a fully Korean datacenter.

By fully Korean, I mean no AWS, no Azure, no GCP, no Vultr. They are probably fine speed wise, but certain companies geo-block their IPs regardless of whether those IPs are Seoul-based or not (AWS fares a little better on the geo-block front as some Korean streaming services use AWS and hence don't geo-block the IP range... others still do, though, like Tving and Laftel)

So yes, fully Korean datacenters routed through the big 3 telecom providers KT, SK, and LG are the answer. I had always avoided them because they usually provided tiny base bandwidth allotments, slow international bandwidth, expensive overages, and VPS "setup" costs of like $30 for a $5/mo. VPS. But after weeks and weeks of hardcore searching and testing, I've come up with 3 decent providers with good sustained speeds most of the time, ZERO geoblock, and acceptable prices on their lowest tier ($2-10/mo.). Luck had something to do with it as 2 of the 3 are newly launched cloud services from established companies.

Expats that have been going through the same thing as me should really pitch me a Thanks, as I haven't found this anywhere on the web so far. :wink: Usually, any Korean asking for a VPN recommendation gets told to pay some major VPN provider that's either not gonna work, or some small VPN provider that might work but is $30/mo. (understandable considering Korea's international bandwidth prices, but I don't want to pay that)

iwinv (SmileServ):
established provider, LG network, VPS, starting price $2, Ryzen (but with 80%+ CPU steal lol), 600GB/mo. included + $0.07/GB thereafter which is $70/TB.

Cafe24:
established provider, KT network, newly launched Cloud service, starts at $5, 1TB/mo. included + $0.14/GB thereafter which is $140/TB.
(VPS is available but has a high setup fee and low bandwidth allotment)

Daou IDC:
established provider, SK network, newly launched Cloud service, starts at $10, 2TB/mo. included + $0.07/GB thereafter, requires manual signup with printed, signed application form scanned and sent over with ID, requires 2FA code from Korean phone number every time you log in to the cloud console; newest Ubuntu available is 18.04
(VPS starts at $8 but I haven't tried it because their newest OS is CentOS 7 lol)

I now keep 2 of these services alive, and have both Wireguard and Outline installed on each. Reason being, I am randomly unable to connect to 1 or both on different computers at different times on different ISPs. Wireguard is much faster when it works. Outline's connections are more stable but the speeds are not, and top speeds are somehow 1/4-to-1/10 Wireguard's.

Note, all providers give you bandwidth of x.xGB/hour or /day that stacks with time, so if you run YABS and immediately delete the server, you'll be charged for overages.

If you're a VPN provider, no, don't think about it, they'll probably ban you unless you pay them their insane bandwidth fees.

Thanked by 3Ed_Chd Aractus fan

Comments

  • deployvm Member, Host Rep

    Yes you are right in this review, we colocate our services in KT's datacentre and unfortunately bandwidth is relatively expensive per Mbit.

    Thanked by 1Logano
  • From what I heard, KT has the best international lines for most people, so great job on your side. You're the first I've seen on LET. :) My connection speed to KT seems pretty stable despite the routing being terrible (250ms, bounces from Pacific island to L.A. and then Korea).

    I've seen a couple providers using Psychz but those IPs are geo-restricted on about half the streaming services, and there was also another Seoul location provider here using EC2 who recommended against me running hundreds of GBs/mo. through them. First time seeing KT. :)

    Thanked by 1deployvm
  • @Logano said: KT has the best international lines for most people

    True.

    Actually, from my experience (South Korean resident), KT has the best international network in terms of Eastern (from South Korea, so Tokyo, LA, etc.), and LG U+ has better Western (so Hong Kong, Singapore, etc.) network. And, AWS has the best overall international line.

    So if you're having trouble with latency, you might want to put some kind of proxy or jump host on AWS (Lightsail).

    YOU -> AWS (Lightsail) -> KT or sth similar.

    For other recommendations here,

    @Logano said: iwinv (SmileServ):

    They are single-homed LG U+, but they are known to have bad international connection. and NEVER GO WITH THEIR MOTHER BRAND, CLOUDV. They give like 20GB of international bandwidth, and iirc overage is like $0.07/100MB.

    iirc you will need a Korean credit card registered to sign up.

    @Logano said: Cafe24:

    Didn't know that they now offer "cloud" services as well :) They are a well known company here.
    However, they had "not for international VPN usage" on their clause for the VPS lineup, so be careful and always keep a backup just in case

    @Logano said: Daou IDC:

    Didn't know they offered Cloud services as well. Always thought of them as a dedi/colo provider. Looks good though :)

    Thanked by 1Logano
  • chorong Member
    edited February 2022

    Adding on,

    KT's probably the best to Oceania, closely followed by SKB. A lot is ISP dependent though, I've changed ISPs and suddenly had connection to KT route through USA instead of via HK / JP before

    I've found that some lightsail ip ranges unblock tving and wavve which is enough for me. If okay with just one-off streaming of things, I find that vpngate have enough public openvpn nodes that work

    Thanked by 1Logano
  • Logano Member
    edited February 2022

    @sanvit said:
    KT has the best international network in terms of Eastern, and LG U+ has better Western. AWS has the best overall international line.

    That sounds pretty accurate to me.
    My home ISP seems to route LG and SK traffic through Hong Kong (120-180ms), and KT through L.A. (250-280ms).
    Although why my work ISP routes everything through LA despite being like 20% owned by SK, is a big question mark. You'd think they'd have good routes to their own companies.

    AWS (Lightsail) does have amazing ping, like 80-100ms both at home and at work (can't remember if it was through Japan or HK), but speeds have been highly unstable on Outline. Maybe I just need to try again on Wireguard or use the $5 plan instead of the $3.50 one? After my yearlong Tving subscription ends, that is, because I haven't been able to use Tving on the 2 Lightsail IPs attempted.

    YOU -> AWS (Lightsail) -> KT or sth similar.

    I'm almost completely clueless at networking stuff. How would I set up the midpoint (AWS) part of the tunnel? Is there a script I could look into for something like that?

    They give like 20GB of international bandwidth, and iirc overage is like $0.07/100MB.

    Haha, exactly the kind of thing that prevented me from looking into Korean services more. That and $30 setup fees.

    Cafe24:
    Didn't know that they now offer "cloud" services as well :) They are a well known company here.

    Same, and yes! My first Korean website was on a KRW500/mo. Cafe24 plan lol. And I hated them for the backwards limitations until I really looked and found their Cloud thing. It was working completely fine idling 99% of the time until I canceled.

    Oh, they also charge extra for the IP, like $2-3/mo. Without paying for one, you are stuck with only an internal IP.

    Daou IDC:

    They're a bit pricy to hold on to for too long, but my home ISP seems to work best with SK's network, and they were the cheapest among the SK options I could find. It's my favorite among the 3 providers despite the company being VERY slow at updating their Linux versions.

  • @chorong said:
    I've found that some lightsail ip ranges unblock tving and wavve which is enough for me

    Wow, that is news. I guess I need to test Lightsail more. My 2 attempts provided Wavve and Coupang Play access but not Tving. I'm subscribed to the former 2 monthly, and the latter yearly.

  • deployvm Member, Host Rep
    edited February 2022

    @Logano said: How would I set up the midpoint (AWS) part of the tunnel?

    You could use a GRE tunnel between the two servers. For example in RHEL ip_gre module is required. For example on https://community.hetzner.com/tutorials/linux-setup-gre-tunnel

    However more configuration is required (more than that article) if you are going to use it as VPN.

    Thanked by 2Logano Ed_Chd
  • Ed_Chd Member
    edited February 2022

    There's something about connecting to a proxy provider's server which is incredibly far away. The first thing you should be concerned about isn't that of "premium" international connection when looking for providers with geoblock circumventions (though it IS a big plus), just knowing which servers to pair with (relay to) it to "define" your own route. Most of the time if you have done this correctly, you'll have way better performance than just directly connecting to it. For example, KR[-JP]-US or KR-HK-RU(TTK), depending on where you live (North America or Europe). Also, ditching typical VPNs and using encrypted proxies (which are designed to achieve fastest available speed under even worse network conditions, like V2Ray and Hysteria) will also help greatly.

    Thanked by 1Logano
  • @deployvm said:
    You could use a GRE tunnel between the two servers. For example in RHEL ip_gre module is required. For example on https://community.hetzner.com/tutorials/linux-setup-gre-tunnel

    However more configuration is required (more than that article) if you are going to use it as VPN.

    Thanks! I looked at it, I think it's going to be a while before I get familiar enough with these things to modify/troubleshoot that sort of setup lol. I can use apt and fudge with iptables to open/close ports, but that is about it.

  • sanvit Member
    edited February 2022

    @Logano said: How would I set up the midpoint (AWS) part of the tunnel?

    There could be multiple ways, but imo the best and easiest would be VPNoverHTTP type of services (like v2ray). You could set up an NGiNX reverse proxy (check out NGiNX proxy manager), and use Cloudfront in front of it for some extra AWS-Internal bandwidth boost.

    So it could be something like

    You -> Cloudfront (Edge) -> AWS Private Backbone -> Lightsail -> VPS

    This seems to add some additional layers, but on my testing, AWS's private backbone had really good connectivity to outside regions.

    Do note that Cloudfront is now free for the first TB :)

    Thanked by 1Logano
  • @Logano said: You'd think they'd have good routes to their own companies

    SK's international line is known to be shit. They have expanded lines to Tokyo and LA thanks to Netflix's high traffic, but still known to be the worst in here.

    Thanked by 1Logano
  • Geoblocking is stupid and evil. According to the BBC this is Piracy (watch the video). Really - me watching a video off the official website the only place in the world I could watch that at the time using a VPN is piracy?! If it is piracy wouldn't it be the uploader that's at fault not me the consumer? Case in point though on how evil it is - the BBC is a public broadcaster, yet they BLOCK their own ex-pats from their online services. I've got their grubby 2014 piracy submission hosted on my blog, they literally claim that Australians using VPNs to watch BBC iPlayer content are pirating the content. No we're not, that's the official source and if it's copyright infringement it's the BBC committing it not the viewer.

    Anyway you may need a residential IP. See if you can get a friend in Korea with good internet to set up a VPN on a Raspberry Pi from their house, that should do the trick. Sorry to hear about your troubles accessing broadcasts from what I presume is your home country as an ex-pat?

    Thanked by 1Logano
  • SurfShark have SK location at ehostidc Ehostict.. You can check them
    https://myip.ms/info/whois/61.14.210.120

    Thanked by 1Logano
  • @emperor said: SurfShark

    I wouldn't trust them with their South Korean location. SurfShark tends to have very inconsistent servers in South Korea. They used to have geolocated IPs for their Korean servers too.

    Thanked by 1Logano
  • ns110621 Member
    edited February 2022

    Hello. I am a Korean living in South Korea.

    First of all, it's probably hard to find such a VPN.

    Basically, in Korea, IP for CUSTOMER and INFRA are thoroughly separated by KISA KRNIC.

    In addition, in the case of specific carriers such as LG U+ and SK Broadband, the ISP may be different depending on the IP for CUSTOMER and INFRA, and only KT uses the same ISP (KORNET) regardless of CUSTOMER and INFRA.

    So, these services are usually blocked except for the IP for CUSTOMER.

    It may be faster to find a service where volunteers share their internet, such as VPNGate.

    Thanked by 1Logano
  • @ns110621 said:
    First of all, it's probably hard to find such a VPN.

    It definitely works on KT/LG/SK-based providers, as I use my Tving subscription every day these days using the iwinv and Daou servers. Cafe24 worked fine before I deleted it.
    I don't know why, but maybe because a lot of corporations run their VPNs through datacenters, and they don't want to block them?

    It may be faster to find a service where volunteers share their internet, such as VPNGate.

    I did use them before but tended to get very very slow speeds. Fine for accessing geoblocked websites, but not for streaming IMO, at least not from my remote location.
    There are also free servers on Mudfish that are residential, but they are not operated by Mudfish so I have no idea how safe they are. Speeds also tend to come and go depending on how congested they are.

    I've also just installed my Lightsail setup again. Coupang Play and Wavve work fine, just like before. Speedtests to kdatacenter.com are very slow for some reason (0.28-3Mbps), but the streams actually work fine at 1080p. Still no Tving, though. :disappointed:

  • sanvit Member
    edited February 2022

    @ns110621 said: the ISP may be different depending on the IP for CUSTOMER and INFRA

    This isn't actually true from my experience. For example, Cafe24 uses both KT and SK for their webhosting lineup, and the IP I got was from AS9318, which is the same AS that I get for my LTE connection.

    LG U+ seems to use multiple ASes, but that also seems to be shared between residential customers and datacenter ones.

    @ns110621 said: IP for CUSTOMER and INFRA are thoroughly separated by KISA KRNIC.

    I actually queried KRNIC's WHOIS, and this seems to be true. My KT IP shows up as CUSTOMER, while the SK IP shows as INFRA. TIL. Thanks :)

    @Logano said: I don't know why

    Maybe Korean streaming services are just a bit less picky about geolocation. Assuming from that they aren't even blocking obvious ranges (such as AWS and iwinv which uses their own ASN).

    It may be that the AWS ranges that are blocked are not because of the IP being a datacenter one, but rather the geolocation db isn't updated yet.

    Thanked by 1Logano
  • yongsiklee Member, Patron Provider
    edited February 2022

    I used AWS and some Korean VPS providers to be TVing a few years ago. None worked.
    The content providers know the IP is not residential but from data center.

  • @yongsiklee said:
    I used AWS and some Korean VPS providers to be TVing a few years ago. None worked.
    The content providers know the IP is not residential but from data center.

    The 3 providers I mentioned above work. If you're still interested, try the 2,400 won plan from iwinv, as that is the cheapest.

    This SS taken just now on the same plan, running Wireguard using @Nyr's script.
    Tving live:

    1. Use key to login to SSH as user ubuntu, then sudo -i
    2. Open TCP and UDP port 51820 (you may need to edit IPTables if you can't get the ELCAP Firewall feature working)
    3. apt-get install linux-generic
    4. reboot
    5. Run @Nyr's Road Warrior script
      wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh
  • yongsiklee Member, Patron Provider

    @Logano said:

    @yongsiklee said:
    I used AWS and some Korean VPS providers to be TVing a few years ago. None worked.
    The content providers know the IP is not residential but from data center.

    The 3 providers I mentioned above work. If you're still interested, try the 2,400 won plan from iwinv, as that is the cheapest.

    This SS taken just now on the same plan, running Wireguard using @Nyr's script.
    Tving live:

    1. Use key to login to SSH as user ubuntu, then sudo -i
    2. Open TCP and UDP port 51820 (you may need to edit IPTables if you can't get the ELCAP Firewall feature working)
    3. apt-get install linux-generic
    4. reboot
    5. Run @Nyr's Road Warrior script
      wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh

    I will try again. Thanks.

    Thanked by 1Logano
  • @yongsiklee said:
    I will try again. Thanks.

    I just saw your post from 2019, telling @sanvit that you don't have a Korean credit card. I don't remember all the details, but if that prevents you from signing up, try Cafe24's new cloud service. They might not require a Korean CC, although I really can't remember for sure.
    https://www.cafe24.com/en/infra/cloud/

    Daou requires a Korean bank acct/CC, and cell phone number.

    If you just need to watch news and stuff and can get a Wavve account, ExpressVPN works with Wavve (my wife uses this combination every day and has never complained). Wavve is the streaming service for KBS, MBC, and SBS live TV and VODs.

    My frantic Korean DC search was because I wanted access to ALL Korean streaming services including Tving (tvN, jtbc) and Laftel (anime). That and steady 1080p.

    Thanked by 1yongsiklee
  • ns110621 Member
    edited February 2022

    @sanvit said: This isn't actually true from my experience. For example, Cafe24 uses both KT and SK for their webhosting lineup, and the IP I got was from AS9318, which is the same AS that I get for my LTE connection.

    LG U+ seems to use multiple ASes, but that also seems to be shared between residential customers and datacenter ones.

    LG U+ ISPs are divided into Xpeed / BORANET / LGTELECOM / PUBNETPLUS / KIDC.

    Xpeed is for CUSTOMER only, BORANET is for CUSTOMER and INFRA mixed (But mainly INFRA), PUBNETPLUS is for national institutions only, LGTELECOM is for mobile cellular only, and KIDC is for INFRA only.

    SK Broadband basically uses its own ISP (broadNnet), but also uses the parent company, SK Telecom's ISP (SK-TELECOM-NET).

    What is certain is that in the case of KT, regardless of whether it is CUSTOMER, INFRA, or mobile cellular, the ISP is indicated as KORNET, so it is not bad to find a VPN that uses KT.

    Thanked by 1Logano
  • edited February 2022

    Can't believe this is actually a LET discussion.. do people watch Korean contents now? :D

    anyway, quite surprised no one mentioned oracle cloud.. Recently helped my Korean friend in setting up a VPN server, but they only watch linear TV (wavve TV & tving TV), so I don't know in regards of other OTT services.

    it works, but I remembered it's a hit and miss in finding the right ip blocks.

    Free 10tb/mo, free ARM instance, upstream if I'm not mistaken (in seoul region) are LG DACOM, TATA, and Telstra.

    there are other alternatives, some Koreans lend their internet as VPN (most are residential), https://www.vpngate.net/en/

    Thanked by 1Logano
  • @Aractus said:
    Geoblocking is stupid and evil.

    Anyway you may need a residential IP. See if you can get a friend in Korea with good internet to set up a VPN on a Raspberry Pi from their house, that should do the trick. Sorry to hear about your troubles accessing broadcasts from what I presume is your home country as an ex-pat?

    Yep, I'm a Korean expat trying to watch Korean TV. And I totally agree about geoblocking being stupid and evil. I don't even have an expensive way to watch all of these without my VPNs.

    I also thought about getting a friend to share me his internet connection, but then I realized that 1) I have no friends, and 2) especially not any that I would want to hassle into checking the device's status every time my connection dies. Well, my closest army buddy went into networking after college, but I haven't contacted him in 10 years. :)

    @emperor
    SurfShark have SK location at ehostidc Ehostict.. You can check them
    https://myip.ms/info/whois/61.14.210.120

    Thanks, I'll try this sometime! I know SK lines are supposed to suck, but my ISPs have weird connections and they seem to work the best for my home ISP. If I'm able to get steady 6-10Mbps off of it, I can cancel my $10/mo. Daou IDC instance.

  • @nanankcornering said:
    Can't believe this is actually a LET discussion.. do people watch Korean contents now? :D

    I thought this would just be my wall of text for the next guy that comes looking 2 years later, had no idea there were other people looking into the same stuff. I think the majority of us in this thread are either Korean residents or expats. :blush:

    anyway, quite surprised no one mentioned oracle cloud.. Recently helped my Korean friend in setting up a VPN server, but they only watch linear TV (wavve TV & tving TV), so I don't know in regards of other OTT services.

    it works, but I remembered it's a hit and miss in finding the right ip blocks.

    Free 10tb/mo, free ARM instance, upstream if I'm not mistaken (in seoul region) are LG DACOM, TATA, and Telstra.

    Thanks for sharing! Only thing I read somewhere was that Oracle was geo-blocked. I'll try it sometime!

  • yoursunny Member, IPv6 Advocate

    @deployvm said:

    @Logano said: How would I set up the midpoint (AWS) part of the tunnel?

    You could use a GRE tunnel between the two servers. For example in RHEL ip_gre module is required. For example on https://community.hetzner.com/tutorials/linux-setup-gre-tunnel

    However more configuration is required (more than that article) if you are going to use it as VPN.

    I needed a similar setup last week.
    I have a WireGuard VPN in France with IP 192.0.2.1 but it has congestion from my residential connection.
    I want to jump through a server in USA to get around congestion, hoping to pick a different Atlantic submarine cable.

    Instead of making GRE/VXLAN tunnel, I simply setup port forwarding on the USA server:

    sudo iptables -t nat -I PREROUTING -p UDP -i uplink --dport 51820 -j DNAT --to-destination 192.0.2.1:51820
    sudo iptables -I FORWARD -p UDP -o uplink -d 192.0.2.1 --dport 51820 -j ACCEPT
    sudo iptables -t nat -I POSTROUTING -p UDP -o uplink -d 192.0.2.1 --dport 51820 -j MASQUERADE
    

    In the WireGuard mobile app, I changed the France IP to the USA IP.
    This is the easiest for a temporary setup to test speeds, because there's no routing involved.

    Thanked by 1Logano
  • @yoursunny said:
    Home -> USA server -> France (192.0.2.1)

    Instead of making GRE/VXLAN tunnel, I simply setup port forwarding on the USA server:

    sudo iptables -t nat -I PREROUTING -p UDP -i uplink --dport 51820 -j DNAT --to-destination 192.0.2.1:51820
    sudo iptables -I FORWARD -p UDP -o uplink -d 192.0.2.1 --dport 51820 -j ACCEPT
    sudo iptables -t nat -I POSTROUTING -p UDP -o uplink -d 192.0.2.1 --dport 51820 -j MASQUERADE
    

    This is the easiest for a temporary setup to test speeds, because there's no routing involved.

    Wow, this is interesting and seems like something I could attempt.

    Basically, you are forwarding everything that comes in through the USA server's UDP port 51820 to 192.0.2.1:51820, so you wouldn't need to install Wireguard or anything on the USA server, correct? The packets just get passed to the France Wireguard server?

    In the WireGuard mobile app, I changed the France IP to the USA IP.

    By this, you mean that you changed the user CONF file's Endpoint to the USA server, and the USA server just sends everything to France?

    So your CONF file would look something like this?:

    [Interface]
    Address = 10.7.0.2/24
    DNS = 8.8.8.8
    PrivateKey = 2GbL56xcHqzLFa6ega4f2iK05G+LfIosLeFp+oad65fNv+H3N8=
    
    [Peer]
    PublicKey = b19xG5PkIs7a8f96a4tJ9KEhl+C3Lad65fkoay/ci2OSFh1qUdf54=
    PresharedKey = hQ2das6fA2v+bcA7iljz5XfaXuW7ck+PeHF5s4fdf6475wyYHLM=
    AllowedIPs = 0.0.0.0/0, ::/0
    Endpoint = 192.0.2.1:51820
    PersistentKeepalive = 25
    
  • OK, not so simple, it seems, lol.

    I am doing Home -> AWS (Korea) -> Daou Wireguard (Korea)

    1. Home's CONF file is one that was generated on Daou Wireguard, but with Endpoint pointing to AWS
    2. Home's Wireguard client handshakes properly and says "Connected", but there's actually no connection
    3. AWS's IPtables look like this:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:51820
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:51820
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
    ACCEPT     all  --  ip-10-7-0-0.ap-northeast-2.compute.internal/24  anywhere           
    ACCEPT     tcp  --  anywhere             [Daouserver]        tcp dpt:51820
    ACCEPT     udp  --  anywhere             [Daouserver]        udp dpt:51820
    ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
    ACCEPT     all  --  ip-10-7-0-0.ap-northeast-2.compute.internal/24  anywhere           
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    

    I added TCP 51820 because having only UDP 51820 didn't work. But then, it still doesn't work. :blush:

  • @Logano said:

    Yep, I'm a Korean expat trying to watch Korean TV. And I totally agree about geoblocking being stupid and evil. I don't even have an expensive way to watch all of these without my VPNs.

    Yep I get that. I'm Australian and not an ex-pat but we've got all kinds of people over here as permanent residents - people from UK, US, Europe, South-East Asia, Japan, Korea etc etc. Almost every other country geoblocks Aussies from viewing foreign streams, which of course means that they're denying their expats part of the culture by doing so.

    In the EU it's illegal to geoblock other EU nations. But what the true problem is that they want to exercise a level of control over their content that they're not really entitled to do. Publishers didn't want us to have photocopiers or VCRs or even public libraries, now they don't want us to have access based solely on the location of our IPs and not even who is on the other end of that IP whether that's a random Aussie like me or one of their citizens who's a permanent resident over here (or a dual-citizen).

    Australia and Korea are quite strong allies as well, so in this instance we're not even talking about a nation we're less friendly with!! Haha. Plus there's a language barrier so ordinary Aussies are going to have no interest in watching Korean telly.

    Thanked by 1Logano
  • yoursunny Member, IPv6 Advocate

    @Logano said:

    @yoursunny said:
    Instead of making GRE/VXLAN tunnel, I simply setup port forwarding on the USA server.
    This is the easiest for a temporary setup to test speeds, because there's no routing involved.

    Basically, you are forwarding everything that comes in through the USA server's UDP port 51820 to 192.0.2.1:51820, so you wouldn't need to install Wireguard or anything on the USA server, correct? The packets just get passed to the France Wireguard server?

    Yes.
    I used iptables.

    The other option is socat.
    The command could be (reference):

    socat -T 600 UDP4-LISTEN:51820,reuseaddr,fork UDP4:192.0.2.1:51820
    

    In the WireGuard mobile app, I changed the France IP to the USA IP.

    By this, you mean that you changed the user CONF file's Endpoint to the USA server, and the USA server just sends everything to France?

    Yes, with command line client you can change Endpoint option.

    @Logano said:
    I am doing Home -> AWS (Korea) -> Daou Wireguard (Korea).
    I added TCP 51820 because having only UDP 51820 didn't work. But then, it still doesn't work. :blush:

    tcpdump (on both servers) can tell you what went wrong.

    Cloud provider often has firewall at network level, in addition to iptables.
    If you see no packet coming from home IP to AWS, this is the reason.

    Two rules are needed in iptables nat table.
    If the PREROUTING rule is missing, you'll see packets coming from home IP to AWS, but nothing going out.
    If the POSTROUTING rule is missing, you'll see outgoing packets from AWS having the source address being the home IP, and such packets would be dropped by network because source IP is "spoofed".

    As mentioned above, you can try socat as an alternative to iptables.
    You must delete iptables rules (rerun the commands but change -I to -D) before running socat.

    Thanked by 1Logano
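
An added example, not part of any post above: the last reply says the relay needs both a PREROUTING DNAT rule and a POSTROUTING rule in the nat table, and plain `iptables -L` lists only the filter table. This sketch audits `iptables-save` output for those rules and maps each gap to the tcpdump symptom described in that reply; the function names and sample dumps are constructed for illustration, and 192.0.2.1:51820 is the backend used in the thread.

```shell
#!/usr/bin/env bash
# Added example: audit an iptables-save dump on a relay host for the rules a
# WireGuard UDP port-forward needs. Function names and samples are constructed.

# relay_findings DUMP BACKEND_IP PORT -> prints one finding code per line
relay_findings() {
    local dump=$1 backend=$2 port=$3
    printf '%s\n' "$dump" | awk -v ip="$backend" -v port="$port" '
        /^\*/ { table = substr($0, 2); if (table == "filter") seen_filter = 1; next }
        table == "filter" && /^:FORWARD / { policy = $2; next }
        /^-A / {
            line = $0 " "                      # trailing space simplifies matching
            udp_port   = index(line, " -p udp ") && index(line, " --dport " port " ")
            to_backend = index(line, " -d " ip "/32 ")
            nat_target = (line ~ / -j (MASQUERADE|SNAT) /)
            if (table == "nat" && $2 == "PREROUTING" && udp_port &&
                index(line, " -j DNAT --to-destination " ip ":" port " ")) dnat = 1
            # Heuristic: a source-NAT rule counts if it is not limited to another
            # destination or protocol (-s / -o restrictions are not evaluated).
            if (table == "nat" && $2 == "POSTROUTING" && nat_target &&
                (to_backend || !index(line, " -d ")) &&
                (index(line, " -p udp ") || !index(line, " -p "))) snat = 1
            if (table == "filter" && $2 == "FORWARD" && index(line, " -j ACCEPT ")) {
                if (udp_port && to_backend) fwd = 1
                if (line ~ /--(ct)?state [A-Z,]*ESTABLISHED/) est = 1   # reply path
            }
        }
        END {
            if (!dnat) print "missing-dnat"
            if (!snat) print "missing-snat"
            if (seen_filter && policy != "ACCEPT" && !(fwd && est)) print "forward-blocked"
        }'
}

# Map a finding code to the symptom you would see in tcpdump on the relay.
explain() {
    case $1 in
        missing-dnat)    echo "no PREROUTING DNAT: packets arrive at the relay, nothing goes out" ;;
        missing-snat)    echo "no POSTROUTING MASQUERADE/SNAT: forwarded packets keep the client source IP and get dropped as spoofed" ;;
        forward-blocked) echo "FORWARD policy is not ACCEPT and no rules admit the flow and its replies" ;;
    esac
}

# Live audit (needs root). Also checks kernel forwarding, which DNAT relaying requires.
audit_live() {
    [ "$(cat /proc/sys/net/ipv4/ip_forward)" = 1 ] || echo "net.ipv4.ip_forward is 0"
    relay_findings "$(iptables-save)" "$1" "$2" | while read -r code; do explain "$code"; done
}

# Constructed sample: filter rules only, the nat table was never populated.
SAMPLE_FILTER_ONLY='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT
-A FORWARD -d 192.0.2.1/32 -p udp -m udp --dport 51820 -j ACCEPT
COMMIT'

# Constructed sample: DNAT present, source NAT forgotten.
SAMPLE_NO_SNAT='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i uplink -p udp -m udp --dport 51820 -j DNAT --to-destination 192.0.2.1:51820
COMMIT'

# Constructed sample: the three rules from the thread, under a default-drop FORWARD chain.
SAMPLE_COMPLETE='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i uplink -p udp -m udp --dport 51820 -j DNAT --to-destination 192.0.2.1:51820
-A POSTROUTING -d 192.0.2.1/32 -o uplink -p udp -m udp --dport 51820 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -d 192.0.2.1/32 -o uplink -p udp -m udp --dport 51820 -j ACCEPT
COMMIT'

if [ "${1:-}" = "--live" ]; then audit_live "$2" "$3"; fi
```

Run it as root with `--live <backend-ip> <port>` on the relay; no output means both nat rules and the forward path were found.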