The exceptionally short answer is: yes.
Let’s look at exactly what VPNs expose to your ISP that allows them to figure it out.
Become a Patron of Ask Leo! and go ad-free!
Connecting to a VPN
There are two characteristics of a VPN that cannot be hidden from your ISP:
- The fact that you are connecting to the IP address owned by a VPN service.
- The fact that your software is connecting to ports associated with standard VPN activity.
Your ISP is responsible for taking a packet of data from you and sending it where it’s supposed to go. The only way it can do that is if it knows where the packet is supposed to go. If you’re using a VPN, that destination will be the VPN’s servers.
In fact, it’s possible that — even though your data is encrypted — the packets of data have overhead information that could also be used to make the determination that it’s travelling over a VPN.
Attempts to hide further
I often see comments that by using a port more commonly used for other purposes — for example, running a VPN over the ports more commonly used for webpage traffic — can hide the fact that you’re using a VPN. This is actually not the case. Your ISP can still see that you’re connecting to a server associated with a VPN service, even if you’re using a non-standard configuration.
Alternate ports and other configurations attempt to bypass firewall rules that might block standard VPN ports. Unfortunately, this remains only partially effective, since the firewall can still see and block access to the entire VPN server.
What the ISP cannot see
It’s important to realize while your ISP can see that you are using a VPN, they cannot tell what you are using it for.
For example, you might connect to askleo.com through your VPN. Your ISP can see only the VPN portion. That you are connecting to askleo.com, and the information being sent to and from askleo.com through the VPN, is encrypted and inaccessible.
Remember, however, that your VPN provider can see everything, just as your ISP might otherwise. In a sense, your VPN is acting as your ISP, as they’re providing the final connection to the rest of the internet.