• ozymandias117@lemmy.worldEnglish
    12·
    1 year ago

    One of the selling points Jason had for WireGuard is that it’s less likely to be misconfigured

    I’d probably argue WireGuard is security first, and can be used for privacy

    IIRC the saving of IP addresses in memory is part of the design to allow you to keep connected to the VPN even if your network connection changes, e.g. when switching from WiFi to 5G

    Not to say there aren’t any downsides, just that you already need to implicitly trust your VPN provider either way

    The UDP only issue is really unfortunate for networks that try to block anything not HTTP

  • Tibert@compuverse.ukEnglish
    7·
    1 year ago

    On the website :

    Wireguard is clearly seen by firewalls as a VPN by only allowing UDP packets

    However proton Vpn în their app, they have a “wireguard TCP” setting.

    Which is also confusing as on their wireguard marketing page, there is a faq where they say openvpn supports tcp in a ways as it supports TCP but not wireguard.

    • flatbield@beehaw.orgEnglish
      1·
      1 year ago

      This is my issue with Wireguard. It is not good a firewall traversal. On restrictive nets really you have to get out via TLS port 443. No other way often works. So for the traveler OpenVPN TCP option can be way better. Nice to see Proton has a solution.

      The other problem with Wireguard is that it is not necessarily as anonymous. The good VPN providers had to do special things to make that so.

      Other then that, Wireguard is wonderful in terms of performance and presumably security too.