Jump to content
Not connected, Your IP: 3.15.147.215
AirVPN
Sign in to follow this  
Followers 0
Zack

wireguard always logs Ip addresses?

By Zack, ... in Troubleshooting and Problems

Recommended Posts

Zack    0

Zack
Posted ...

(maybe wrong forum to post on)
Hello :)
I read that wireguard by design in its default saves connected IP addresses on the server until the server is rebooted.
As far as I know, this is by design as wireguard is made for security first and not privacy and as far as I understand this would go against any VPN`s no-logs policy.
I guess the keyword here is "default" and its possible to setup wireguard on the server side to not log addresses, but I would like some input on this from someone who knows more than me on the subject.

Not that I don't trust Air, its more curiosity of the technology.

Share this post

Link to post

Staff    9767

Staff
Posted ...

Hello!

Yes, what you write is substantially true, although a server reboot is not needed. The matter has become a FAQ and we added an answer to this FAQ here:
https://airvpn.org/faq/wireguard/

In the answer you can see how we patch a specific problem, how you can act through our tools to improve your privacy when you run WireGuard, and all by not breaking original WireGuard compatibility. However OpenVPN under this respect remains widely superior, so consider it according to your threat model and the amount of annoyance you would get to generate new keys after each WireGuard session.

Kind regards
 

blubby and Zack reacted to this

Share this post

Link to post

rx_man123    6

rx_man123
Posted ...
On 7/19/2023 at 4:42 AM, Staff said:

Hello!

Yes, what you write is substantially true, although a server reboot is not needed. The matter has become a FAQ and we added an answer to this FAQ here:
https://airvpn.org/faq/wireguard/

In the answer you can see how we patch a specific problem, how you can act through our tools to improve your privacy when you run WireGuard, and all by not breaking original WireGuard compatibility. However OpenVPN under this respect remains widely superior, so consider it according to your threat model and the amount of annoyance you would get to generate new keys after each WireGuard session.

Kind regards
 

Can you please explain why if this is true:
"The different issue here is that WireGuard keeps this data even if the session is closed.
In AirVPN servers, if no handshake has occurred within 180 seconds, the peer is removed and reapplied. Doing so removes the real IP address from server memory."

Then why do keys still need to be re-generated?
"Our clients can renew their keys whenever they want, forcing a new, random IP address reassignment"

Share this post

Link to post

Staff    9767

Staff
Posted ...
11 hours ago, rx_man123 said:
Then why do keys still need to be re-generated?
"Our clients can renew their keys whenever they want, forcing a new, random IP address reassignment"

Hello!

Because only in this way you change VPN IP address, as already explained.

Kind regards
 

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...