I wanted to know what protocols you guys use for your VPN?
I’m on ProtonVPN and was confused between the OpenVPN -TCP/ OpenVPN - UDP and WireGuard protocols.
From the little I’ve read/heard, OpenVPN seems to be more resource heavy and limits your speed whereas WireGuard has a flaw in terms of required IP logging at the VPN service provider ( though the VPN companies regularly purge these logs).
Just wondering what you guys use, and why?
First off, I just want to say welcome to the forum!
I still feel so new to the privacy community! I used Proton myself, and I usually default to WireGuard, and I’ve only ever used TCP a few times because I’ve run into issues using WireGuard. Unfortunately, I can’t remember why I changed it. Just something wouldn’t work!
When I was using a VPN I always used wireguard.
In my findings - wireguard is ‘mostly better’ in all regards… certainly less resource intensive and always faster.
ProtonVPN utilizes a double-NAT setup with WireGuard which negates the privacy concern you mention. With providers that have WireGuard properly set up, there’s no reason to not use it, unless it just doesn’t work for you for whatever reason.
Thanks for that, Jonah!
Is WireGuard inherently better than OpenVPN protocols? Why?
Yes, it’s more performant and the code is drastically simpler than OpenVPN (less code = lower attack surface, i.e. less likelihood of finding major bugs hidden in a giant codebase).
WireGuard is far simpler and leaner than OpenVPN. This means WireGuard has a much smaller attack surface in addition to significantly better performance.
- That performance is improved even further when using WireGuard as a kernel module as opposed to a pure userspace implementation, as is possible on Linux, BSD, and rooted Android.
WireGuard supports roaming, so your connection will seamlessly reconnect if your internet connection changes, unlike OpenVPN which will simply drop the connection.
WireGuard uses some of the most modern and secure cryptography available, while OpenVPN is getting a bit dated in terms of its cryptography (although it is by no means insecure).
WireGuard is point‑to‑point, whereas OpenVPN necessarily requires a server‑client relationship.
These are the key advantages of WireGuard as a protocol. Not all of them are relevant in the context of commercial VPN services, and of course custom clients may behave a little differently from the upstream WireGuard and OpenVPN reference clients.
WireGuard is also considerably easier on battery life, especially on mobile devices
For now, Windscribe almost always Wireguard, on rare occasions IKEv2.
I am sad that Wireguard is not supported by Proton on Linux =(
Also worth noticing that I was a bit tricked by Techlore | VPN Chart since it says Wireguard is in fact supported by Proton, but I would say it is missing this asterisk about Linux.
You do not have to use the official app to use WireGuard. WireGuard configuration files are available - Proton VPN Support and install WireGuard and you are ready to go.
So A little update on this topic…I recently tried ProtonVPN (Free) and didn’t really like it, maybe the Pro plan would have swayed me?
Anyways, just purchased a one month sub to Mullvad, and so far, so good. No connection issues, and speeds (local servers in USA) are pretty good. Wireguard is default for Android, too. Most likely will stick with Mullvad and let my Windscribe sub run out in Sept.