Guest Posted ... I have a question for AirVPN staff. I understand that Wireguard key rotation is something Eddie would take care of, which is good. However, using Wireguard with wg-quick in command line is another option for users to connect to AirVPNs wireguard service. I noticed that private and public keys are identical for all wireguard server config files. Would it be possible for AirVPN's config generator to generate config files with unique private and public keys for each individual wireguard server? I believe this would increase the security of AirVPNs wireguard service. Quote Share this post Link to post
OpenSourcerer 1432 Posted ... 18 hours ago, Television said: I noticed that private and public keys are identical for all wireguard server config files. … as they are identical for all OpenVPN config files. What's your point? Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
hardknox 0 Posted ... I've been using bluetit with OpenVPN on a little T620 thinclient running OpenMediaVault. I'm getting better speeds with wireguard but not sure how to set up a killswitch for when the VPN disconnects - to keep traffic from going out unsecured. Thanks for any advice. Quote Share this post Link to post
Raltrine 0 Posted ... Thanks for the quick reply. You have a great product just purchased the full version. I will be anxious to try out the next beta version that has that conversion fix -- let me know and I will send you my order info. Thanks again no rush on the next beta release version -- but let me know and and I can provide you the registration number/etc.. Ben Quote Share this post Link to post
Guest Posted ... will AirVPN implement obfuscation for wireguard like they do with the SSL option? Quote Share this post Link to post
Flx 76 Posted ... On 2/20/2022 at 4:57 PM, neonicacid said: non-standard port (44471 instead of 1637) AFAIK only port 47107 and port 1637 are available. Quote Hide Flx's signature Hide all signatures Guide - EMBY Block ALL interfaces except tap/vpn Windows OS - Configuring your operating system Windows OS - Multi Session/Tunnel Share this post Link to post
Wolke68 5 Posted ... @neonicacid I use it in loadbalacing with 2 Wireguard Tunnels Air gives 2 Ports for Wireguard i use it with /32 for IPv4 and /128 for IPv6 in the clients I am sure you can get it too Quote Share this post Link to post
cheapsheep 6 Posted ... On 12/14/2021 at 4:48 PM, Alex0901 said: The connection work, I see my Client in the Client Area under connected devices but Portforwarding doesn't work. Can anybody help me? Have you also set the correct firewall rules for the portforwarding? You could try to google "How To Set Up WireGuard Firewall Rules in Linux" 😉 Quote Share this post Link to post
Daniel15 14 Posted ... On 2/22/2022 at 1:56 PM, wesolve4 said: will AirVPN implement obfuscation for wireguard like they do with the SSL option? This would have to be something non-standard; it wouldn't work with the regular WireGuard apps. Obfuscation is specifically a non-goal for WireGuard, see https://www.wireguard.com/known-limitations/: Quote WireGuard does not focus on obfuscation. Obfuscation, rather, should happen at a layer above WireGuard, with WireGuard focused on providing solid crypto with a simple implementation. It is quite possible to plug in various forms of obfuscation, however. Something could be layered on top, for example Shadowsocks, or it could be built into a modified WireGuard client and server (which AirVPN would have to implement on their end too). There's an interesting discussion about it here: https://github.com/net4people/bbs/issues/88 Quote Share this post Link to post
Alex0901 0 Posted ... On 2/24/2022 at 7:26 AM, cheapsheep said: Have you also set the correct firewall rules for the portforwarding? You could try to google "How To Set Up WireGuard Firewall Rules in Linux" 😉 Thank you. But the Problem is solved by a static Route. Quote Share this post Link to post
karn 2 Posted ... I am working in an area with internet other than cell When I use openvpn on my iphone, it consumes a lot of data Would using wireguard consume less data and/or speed up the connection? Quote Share this post Link to post
lepremier 0 Posted ... For sure it would speed up the connection, it’s a much faster protocol On 3/6/2022 at 12:53 AM, karn said: I am working in an area with internet other than cell When I use openvpn on my iphone, it consumes a lot of data Would using wireguard consume less data and/or speed up the connection? Quote Share this post Link to post
moejoe 1 Posted ... Hello I'm thinking to give Wg a chance and I want to know if the latency/ping response with Wg is better than with openvpn Does anyone have some experiences and would like to share? Best regards Quote Share this post Link to post
frpergflf 8 Posted ... (edited) On 4/15/2022 at 10:37 AM, moejoe said: Hello I'm thinking to give Wg a chance and I want to know if the latency response with Wg is better than with openvpn Does anyone have some experiences and would like to share? Hi On OpenBSD, WG is quicker than OpenVPN and easier to setup. But on Linux, for my usage I do not notice any speed difference. Edited ... by frpergflf trying to unquote my response (no luck) Quote Share this post Link to post
moejoe 1 Posted ... @frpergflf Hello thnx for reply could u say sth about latency/ping times ? best regards Quote Share this post Link to post
frpergflf 8 Posted ... (edited) 21 hours ago, moejoe said: @frpergflf Hello thnx for reply could u say sth about latency/ping times ? best regards Well on Slackware pinging google gives this: OpenVPN: 64 bytes from xxxxxxxxx: icmp_seq=1 ttl=120 time=37.1 ms Wireguard: 64 bytes from xxxxxxxxx: icmp_seq=1 ttl=121 time=36.5 ms But really, I see no difference in my usage if I am using OpenVPN, Wireguard or no VPN at all. Edited ... by frpergflf grammer 1 moejoe reacted to this Quote Share this post Link to post
moejoe 1 Posted ... Quote But really, I see no difference in my usage if I am using OpenVPN, Wireguard or no VPN at all. Seems no real big difference Thnx for info Quote Share this post Link to post
frpergflf 8 Posted ... I just upgraded to OpenBSD 7.1, using wireguard is even easier than it was on 7.0. These steps apply to 7.1 and they work fine for me: Just follow these instructionshttps://airvpn.org/linux/wireguard/terminal/ except replace sudo with doas(1) and use pkg_add(1) to get wireguard-tools. Note, I use config file name "wg0.conf" just to make the interface look better to me under ifconfig(8) One big change with 7.1, you NO longer need to stop "resolvd". Now resolvd(8) works fine with WG. This means WG works seamlessly with wireguard under OpenBSD 7.1 and I have not had any leaks. Quote Share this post Link to post
nukanaka 0 Posted ... where can i download the wireguard configuration? Quote Share this post Link to post
OpenSourcerer 1432 Posted ... 4 hours ago, nukanaka said: where can i download the wireguard configuration? Select Wireguard in the protocol list of the config generator, rest is similar to downloading OpenVPN configs. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Stalinium 44 Posted ... On 2/22/2022 at 1:15 AM, hardknox said: I've been using bluetit with OpenVPN on a little T620 thinclient running OpenMediaVault. I'm getting better speeds with wireguard but not sure how to set up a killswitch for when the VPN disconnects - to keep traffic from going out unsecured. Thanks for any advice. Linux: a custom network namespace that can only talk to the outside world through the VPN tunnel. The setup and use is manual, pretty much the gentoo/archlinux-way. Quote Share this post Link to post
Seebarschtian 5 Posted ... Best VPN-Speed results I've ever had. There is simply no difference. 🤣 Connection: 1G up/down CPU: Intel Core i5-3570k overclocked to 4.30 GHz all core (3.40 GHz Stock) NIC: Realtek PCIe GBE Latency to Mirfak: 6ms Speed shown in Eddie for Windows: qBittorrent Speed Quote Share this post Link to post
karn 2 Posted ... On 3/27/2022 at 1:15 PM, lepremier said: For sure it would speed up the connection, it’s a much faster protocol Ok, download speeds on wireguard are the same. But on cell service WG connects almost immediately, while there is always a noticeable lag on openvpn. As far as connection to ADSL, ther is a slightly longer lag with openvpn and with a highlt speed cable ntework, there is no noticeable connection lag This only refers to iOS 15.4.1 Quote Share this post Link to post
Guest Posted ... Excellent. On my cellphone, it seems i get better speeds with wireguard and also lower battery use(?) On my old laptop, I used to for some reason get extremely low speeds. No matter which server. Maybe a shitty network adapter? I tried everything I could and also reinstalled windows etc to no avail. Anyway, after switching to Wireguard I now get almost full speed (around 44 MB/s) instead of the old 2-6 MB/s. TLDR; Success Quote Share this post Link to post
SurprisedItWorks 49 Posted ... 1 hour ago, ZPKZ said: On my old laptop, I used to for some reason get extremely low speeds. No matter which server. Really old computers may lack the AES-NI instructions that make GCM ciphers efficient. In those cases you'll likely do better in OpenVPN if you configure for the CHACHA20-POLY1305 cipher (the cipher that wireguard uses). I'm not an Eddie user so can't advise there, but if you are setting up OpenVPN using the Air configurator, check the "Advanced" box on the upper right, then scroll down to "Advanced - OpenVPN only" and under "Data Cipher" select "Mobile (prefer CHACHA)". The configuration it generates is not actually specific to phones, but where modern hardware is concerned, it's really only phones (and tablets) that are missing the AES-NI instructions, hence the labeling of this choice. 1 Jacker@ reacted to this Quote Share this post Link to post