Wireguard for a better VPN experience
Wireguard is a modern open source VPN protocol which aims to be fast and secure. And, in my own personal experience and testing, It is always my first choice for VPN connections. I’ll quickly outline some benefits in this article. But first…
What is a VPN
A VPN allows you to connect to a remote network as if you were directly connected to the network. Commonly it used for remote workers to access their corporate network servers. VPNs are also used to get around location restrictions, censorship issues, and privacy concerns. For example, someone could potentially use a VPN to access YouTube videos which have been blocked in their country by using a VPN connection in a country without the restrictions. A VPN essentially allows you to mask your true location to the server/site you are connected to. It also hides your browsing habits from your ISP, because all your traffic goes via the VPN connection. Your ISP only sees that data is being sent/transmitted from the VPN server location, but not the actual sites you are browsing.
And Wireguard?
There are a number of different protocols used for VPN connections, and Wireguard is the most modern of these protocols. It has been designed to be simple to setup, secure and fast!
Why use it over other protocols
To quickly sum it up; “It’s fast”. Fast to connect, and fast to use. I personally have used a VPN service for a number of years, and always defaulted to using the OpenVPN protocol. Once Wireguard was added as an option to the provider I was using, I switched immediately. This is what I noticed straight away:
- Initial connection to the VPN was almost instant (~30s for OpenVPN).
- Connection speeds were near non VPN speeds, compared to a noticeable slowing using OpenVPN.
What are the downsides?
The only real downside I know of is that Wireguard assigns an IP Address to you when you connect to the VPN. This address is reused each time to reconnect to the VPN server, and so could potentially be used to track your usage. VPN providers are aware of this shortcoming in the protocol, and many have implemented workarounds to keep your connection anonymous.
Some real world usage
I personally have used the Wireguard implementations of both TorGuard, and Surfshark. Both providers have worked around the potential privacy issues of the Wireguard protocol, and both services connect quickly and transmit data at near non VPN speeds. Regular browsing seemed unaffected, and download speeds via the browser and bittorrent were full speed compared to downloads without the VPN.
TorGuard currently allows the generation of manual configuration files which can be used with the official Wireguard clients. Although, using the manual config files i believe does not utilise the privacy enhancing features that has been added. So it could be a potential privacy concern. The config files do however have the annoying property that they need to be regenerated if you disconnect for more than 15mins (i believe). While I understand this limitation has been implemented to protect your privacy, It’s still a little annoying. I also tried the iOS and macOS apps from TorGuard, and ran into issues with the mac app in particular. I just couldn’t get it working…. 🤷♂️ The apps I believe are built using Qt, so miss out on all that macOS and iOS finish I am used to seeing… (scroll bars and buttons look particularly out of place)
Surfshark does not currently have an option to generate manual config files, so you are stuck with using their apps. Fortunately, the apps work well (and look great). I particularly liked the option to connect via multiple locations to improve anonymity.
The only shortcoming i found to using the Wireguard VPN longterm on my iPhone, was that Spotify downloads would not work. I didn’t try to get to the bottom of that, and perhaps there were workarounds? But because Wireguard is so quick to connect/disconnect, I would just disable my VPN connection when I wanted to download a podcast, and then reconnect.
In short, if you currently use a VPN and your provider gives the option of using Wireguard. Do it! 👍