VPN hides all activity from ISP, but if provider logged and stored everything, it would be easy to see encrypted traffic going from your device’s IP to remote IP, which can be checked to be owned by VPN’s company. So are there ways to make it harder or impossible to detect the fact of VPN usage from ISP, to not get into troubles? I understand, that in 99.99% of cases you won’t get in troubles for VPN usage even in countries with VPN forbidden. I also don’t ask about way to stay paranoid anonymous like switching providers every day and other stuff. I’m just curious from a technical point of view, can you hide VPN’s usage and be comfortable (do some scripts, rent a server, etc.)?
Thing that comes to mind is to buy some linux server, deploy VPN there and connect to it from your device. In that case your ISP will see traffic going to some usual server, that is owned by a hosting, just like a lot of web - am I correct? Would proxy (locally or remotely) help? What are your thoughts or examples of usage guys? Any related articles would be appreciated too. Peace 
Obfuscated servers will make it more difficult for automated detection, but if your ISP actually looks at your data flow for whatever reason, it’s pretty obvious if you’re using a VPN.
2 points:
-1. The ISP would need decryption keys to see that data, otherwise they can’t.
-2. Although very rare, some VPN services (like mine) can hide that the traffic is VPN traffic at all.
There are some vpn services that route your traffic through a CDN like Cloudflare before connecting to the VPN. This can also be built yourself. This would hide the VPN traffic and IP address from your ISP.
I’m curious what kind of top-secret clandestine activities require this level of paranoia.
If the ISP sees the encrypted traffic between you (Point A) and your destination VPN server (Point B) they can use various ways to ‘fingerprint’ that it is VPN traffic. The most common way is just looking at the port the traffic uses. Another is looking at the protocols used. Another is looking at the offset of the traffic timestamp. There are some very technical ways they see this stuff. There are also ways to overcome a lot of it (not perfectly - but good enough for your streaming & surfing, non-nationstate stuff).
You can use stealth proxies with xray core, e.g vless + GRPC + TLS, so it will encrypt the data inside TLS, and transport protocol will be GRPC (quite fast than TCP) and ISP can see normal HTTPS traffic. You can watch this tutorial to learn more!
thanks for reply. I read that it allows to bypass blocks, but if someone will decide to look at your traffic manually, it will be obvious, that you’re using VPN. So it’s basically a tool to bypass automated firewalls that recognize VPNs
Asking for or giving VPN provider recommendations isn’t allowed with the exception of the Monthly recommendations megathread:
https://www.reddit.com/r/VPN/comments/x6ah06/monthly_vpn_recommendations_megathread_the_only/
