[COMPLETED] WireGuard beta testing available

[Guest]

I have a question for AirVPN staff.

I understand that Wireguard key rotation is something Eddie would take care of, which is good.

However, using Wireguard with wg-quick in command line is another option for users to connect to AirVPNs wireguard service.

I noticed that private and public keys are identical for all wireguard server config files.

Would it be possible for AirVPN's config generator to generate config files with unique private and public keys for each individual wireguard server?

I believe this would increase the security of AirVPNs wireguard service.

[OpenSourcerer 1435]

18 hours ago, Television said:

I noticed that private and public keys are identical for all wireguard server config files.

… as they are identical for all OpenVPN config files. What's your point?

[hardknox 0]

I've been using bluetit with OpenVPN on a little T620 thinclient running OpenMediaVault. I'm getting better speeds with wireguard but not sure how to set up a killswitch for when the VPN disconnects - to keep traffic from going out unsecured. 

Thanks for any advice. 

[Raltrine 0]

Thanks for the quick reply.

You have a great product just purchased the full version.

I will be anxious to try out the next beta version that has that conversion fix -- let me know and I will send you my order info.

Thanks again no rush on the next beta release version -- but let me know and and I can provide you the registration number/etc..

Ben

[Guest]

will AirVPN implement obfuscation for wireguard like they do with the SSL option?

[Flx 76]

On 2/20/2022 at 4:57 PM, neonicacid said:

non-standard port (44471 instead of 1637)

AFAIK only port 47107 and port 1637 are available. 

[Wolke68 5]

@neonicacid

I use it in loadbalacing with 2 Wireguard Tunnels 
Air gives 2 Ports for Wireguard

i use it with /32 for IPv4 and /128 for IPv6 in the clients 

I am sure you can get it too 

[cheapsheep 6]

On 12/14/2021 at 4:48 PM, Alex0901 said:

The connection work, I see my Client in the Client Area under connected devices but Portforwarding doesn't work.

Can anybody help me?

Have you also set the correct firewall rules for the portforwarding? You could try to google "How To Set Up WireGuard Firewall Rules in Linux" 😉

[Daniel15 14]

On 2/22/2022 at 1:56 PM, wesolve4 said:

will AirVPN implement obfuscation for wireguard like they do with the SSL option?

This would have to be something non-standard; it wouldn't work with the regular WireGuard apps. Obfuscation is specifically a non-goal for WireGuard, see https://www.wireguard.com/known-limitations/:

Quote

WireGuard does not focus on obfuscation. Obfuscation, rather, should happen at a layer above WireGuard, with WireGuard focused on providing solid crypto with a simple implementation. It is quite possible to plug in various forms of obfuscation, however.

Something could be layered on top, for example Shadowsocks, or it could be built into a modified WireGuard client and server (which AirVPN would have to implement on their end too). There's an interesting discussion about it here: https://github.com/net4people/bbs/issues/88

[Alex0901 0]

On 2/24/2022 at 7:26 AM, cheapsheep said:

Have you also set the correct firewall rules for the portforwarding? You could try to google "How To Set Up WireGuard Firewall Rules in Linux" 😉

Thank you. But the Problem is solved by a static Route.

[karn 2]

I am working in an area with internet other than cell When I use openvpn on my iphone, it consumes a lot of data 
Would using wireguard consume less data and/or speed up the connection?

[lepremier 0]

For sure it would speed up the connection, it’s a much faster protocol 

On 3/6/2022 at 12:53 AM, karn said:

I am working in an area with internet other than cell When I use openvpn on my iphone, it consumes a lot of data 
Would using wireguard consume less data and/or speed up the connection?

[moejoe 1]

Hello
I'm thinking to give Wg a chance and I want to know if the latency/ping response with Wg is better than with openvpn
Does anyone have some experiences and would like to share?

Best regards

[frpergflf 8]

On 4/15/2022 at 10:37 AM, moejoe said:

Hello
I'm thinking to give Wg a chance and I want to know if the latency response with Wg is better than with openvpn
Does anyone have some experiences and would like to share?


Hi
On OpenBSD, WG is quicker than OpenVPN and easier to setup.  But on Linux, for my usage I do not notice any speed difference.
 

Edited ... by frpergflf
trying to unquote my response (no luck)

[moejoe 1]

@frpergflf

Hello thnx for reply

could u say sth about latency/ping times ?

best regards

[frpergflf 8]

21 hours ago, moejoe said:

@frpergflf
Hello thnx for reply
could u say sth about latency/ping times ?
best regards

Well on Slackware pinging google gives this:
OpenVPN:
64 bytes from xxxxxxxxx: icmp_seq=1 ttl=120 time=37.1 ms

Wireguard:
64 bytes from xxxxxxxxx: icmp_seq=1 ttl=121 time=36.5 ms

But really, I see no difference in my usage if I am using OpenVPN, Wireguard or no VPN at all.
  Edited ... by frpergflf
grammer

[moejoe 1]

Quote

But really, I see no difference in my usage if I am using OpenVPN, Wireguard or no VPN at all.

Seems no real big difference
Thnx for info

[frpergflf 8]

I just upgraded to OpenBSD 7.1, using wireguard is even easier than it was on 7.0.  These steps apply to 7.1 and they work fine for me:

Just follow these instructions

https://airvpn.org/linux/wireguard/terminal/

except replace sudo with doas(1) and use pkg_add(1) to get wireguard-tools.

Note, I use config file name "wg0.conf" just to make the interface look better to me under ifconfig(8)

One big change with 7.1, you NO longer need to stop "resolvd".  Now  resolvd(8) works fine with WG.  This means WG works seamlessly with wireguard under OpenBSD 7.1 and I have not had any leaks.

 

[nukanaka 0]

where can i download the wireguard configuration?

 

[OpenSourcerer 1435]

4 hours ago, nukanaka said:

where can i download the wireguard configuration?

Select Wireguard in the protocol list of the config generator, rest is similar to downloading OpenVPN configs.

[Stalinium 44]

On 2/22/2022 at 1:15 AM, hardknox said:

I've been using bluetit with OpenVPN on a little T620 thinclient running OpenMediaVault. I'm getting better speeds with wireguard but not sure how to set up a killswitch for when the VPN disconnects - to keep traffic from going out unsecured. 

Thanks for any advice. 

Linux: a custom network namespace that can only talk to the outside world through the VPN tunnel. The setup and use is manual, pretty much the gentoo/archlinux-way.

[Seebarschtian 5]

Best VPN-Speed results I've ever had. There is simply no difference. 🤣

Connection: 1G up/down
CPU: Intel Core i5-3570k overclocked to 4.30 GHz all core (3.40 GHz Stock)
NIC: Realtek PCIe GBE
Latency to Mirfak: 6ms

Speed shown in Eddie for Windows:


qBittorrent Speed

[karn 2]

On 3/27/2022 at 1:15 PM, lepremier said:

For sure it would speed up the connection, it’s a much faster protocol 

Ok, download speeds on wireguard are the same.
But on cell service WG connects almost immediately, while there is always a noticeable lag on openvpn. As far as connection to ADSL, ther is a slightly longer lag with openvpn and with a highlt speed cable ntework, there is no noticeable connection lag
This only refers to iOS 15.4.1

[Guest]

Excellent. 
On my cellphone, it seems i get better speeds with wireguard and also lower battery use(?)

On my old laptop, I used to for some reason get extremely low speeds. No matter which server. Maybe a shitty network adapter? I tried everything I could and also reinstalled windows etc to no avail.

Anyway, after switching to Wireguard I now get almost full speed (around 44 MB/s) instead of the old 2-6 MB/s.
TLDR; Success

[SurprisedItWorks 49]

1 hour ago, ZPKZ said:

On my old laptop, I used to for some reason get extremely low speeds. No matter which server.

Really old computers may lack the AES-NI instructions that make GCM ciphers efficient.  In those cases you'll likely do better in OpenVPN if you configure for the CHACHA20-POLY1305 cipher (the cipher that wireguard uses).  I'm not an Eddie user so can't advise there, but if you are setting up OpenVPN using the Air configurator, check the "Advanced" box on the upper right, then scroll down to "Advanced - OpenVPN only" and under "Data Cipher" select "Mobile  (prefer CHACHA)".  The configuration it generates is not actually specific to phones, but where modern hardware is concerned, it's really only phones (and tablets) that are missing the AES-NI instructions, hence the labeling of this choice.