Hello all!
I have been out of the piracy game since a little before mullvad lost port-forwarding; I know these things are ever changing, and to my understanding ivpn is a good bet at this moment in time.
I was wondering what everyone else has been using. As well as if anyone has tried the gui client for ivpn either built from source or the AUR build(I do use arch btw).
I am open to any vpn client that has a good reputation in the community, and build-able from a repository; A gui is preferred but not necessary, and absolutely NO account creation (Except for generic account numbers of course).
Thanks in advance for anyone who takes the time to answer.
Mullvad. The others have horrible apps on Linux.
Tbf, you don’t really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.
Mullvad doesn’t support port forwarding anymore. I use airvpn and you can just use the native WireGuard (or OpenVPN if you’r crazy) apps on different platforms if you want.
I use Wireguard on Mullvad. I don’t know what you’re talking about 🤷♂️
Wait why “if you’re crazy”? I know wireguard is faster but is there something I’m missing?
No, you are not missing anything. Wireguard is just much better.
I have heard that it is impossible to have no logs with wireguard because the configuration requires an static IP log and public key or something similar which normal openVPN doesn’t, so it breaks the “no log” policy.
I am not suse how correct that is, but that was a discussion earlier.
Here is what Mullvad has to say about that: https://mullvad.net/en/help/why-wireguard/
#Is it true that a user’s public IP must be logged in order for WireGuard to work?
No. When using WireGuard, your public WireGuard IP address is temporarily left in memory (RAM) during connection. By default, WireGuard deletes this information if this server has been rebooted or if the WireGuard interface has restarted.
For us this wasn’t enough, so we added our own solution in that if no handshake has occurred within 600 seconds, the peer is removed and reapplied. Doing so removes the public IP address and any info about when it last performed a handshake.
If you want to hide your public IP even more, use multihopping.
#Is logging of any user activity required in order for WireGuard to work?
No. There is never a need to log user activity no matter if you’re using OpenVPN or WireGuard.
#What are your thoughts on the internal WireGuard IP address being static?
We acknowledge that keeping a static IP for each device, even internally, is not ideal.
Why? Because if a user experiences WebRTC leaks, that static internal IP address could leak externally. As another example, applications running on your device can find out your internal IP, and if you’ve installed software that is malicious, it can also leak that information.
And theoretically, a static internal IP that is leaked, together with obtaining a payment record, could help to identify a user. (Dive into the payment info we handle for a fascinating read.)
Having said that, we still believe that WireGuard overall is in a better state than OpenVPN.
##Solutions to the problem
You as a user can mitigate this issue in two ways:
- When connected to Mullvad, perform a Connection check. If you’re not safe from WebRTC leaks, take necessary action.
- Never download and install applications that you don’t trust.
The Mullvad VPN app automatically replaces the WireGuard keys once a week.
We also want to see the WireGuard protocol itself improved, which is why we’re taking part in the development of WG-dynamic. This implementation will give the ability to dynamically assign a new internal IP every time a connection is made.
Ah, nice. No issue for mullvad then. I wonder if other VPNs do something similar. Otherwise they.could be stored for multiple months.
Tbf, you don’t really need any app. With Mullvad I just download configuration files and import them in KDE. It really is dead simple. Now enabling VPN at will is just two clicks with the possibility do make it automatic with three to four clicks.
you should use openvpn in difficult network configurations such as college dorm blocking everything except tcp 443 and tcp 80 or with old clients that don’t support wireguard
ProtonVPN’s interface is fine
Is it? I couldn’t get it to auto connect at start. Which makes the all idea of having a VPN senseless IMHO.
It integrates like a normal VPN in GNOME, you get a button in the quick settings tray.
Could not get it to work on Mint. Support could not as well.
I’m on Fedora GNOME, so YMMV. Might be a GNOME-centric software.
Maybe.
Removed by mod
I’ve been a ProtonVPN user for years and they have been rock solid since day one. It’s also convenient for me as I have moved away from Google services and replaced them with Proton’s other applications.
I just decided to make the switch to protons services last week, so far it’s working well enough. I haven’t found a good way to automatically backup photos from my phone to my proton drive in an organized way though…
Proton Drive is beta at best… i works, just not how normie end user would expect. there work orders. But I am too lazy to set it up
Mullvad!
What about the removal of port forwarding?
deleted by creator
Holy shit, thank you for that information; I will definitely ensure I use a client with those vulnerabilities patched!
Ivpn would be your best choice I think. I’m using proton VPN after mullvad abandoned port forwarding (why oh why did they do that!), but their client for Linux is basic but they are developing a new one at the moment. So port forwarding is a bit difficult to setup (but they do have it).
Sorry but your wording is a bit confusing. Are you saying that Proton have port forwarding but it’s difficult to set up? And is Mullvad developing a new client or is it Proton? And how does IVPN fit into the picture, do they not have any of these limitations as Proton/Mullvad?
Sorry haven’t had coffee yet. So in short:
Proton has port forwarding but difficult to setup on Linux. They are developing a Linux client more feature rich where hopefully oort forwarding will be an ease just like the windows client they have. Ipvns client for linux I think has this feature but needs verification since last time I looked was more than I months ago.
Thanks for the information; I already use proton mail plus to have all of my email domains under one, easy to sort inbox. However, I don’t wish to perform illicit activities on something with my legal name attached!
Well they claim they don’t have a logs policy plus they don’t monitor traffic… I stopped caring about this some time ago haha.
Then your only option is ivpn I guess.
Yeah, still I can only take the company’s word to any of these claims. After further research it looks like IVPN doesn’t have port forwarding anymore either; If I do go the VPN route, I may still test my seeding speed with Mullvad as I’ve used them for a number of years.
Oh they don’t support port forwarding? Hmm I couldn’t find this but , too bad. I guess I have to wait and see the Proton’s implementation.
Windscribe works for me. You can either use their software which is open source or create personal VPN configs on their site to use it with your distros network manager.
They’re the best!
+1 to Mullvad. I only switched to NordVPN because I wanted to use an IP address from a country they have servers on.
i’ve been using mullvad for almost a year with zero issues. fast, cheap and reliable.
ProtonVPN came with my Proton plan so I decided to try it. Works great on all my Linux distros, haven’t had any problems. Kill switch works too, bind your torrent software of choice to the VPN device and you should be good to go.
Make suse to use one of the P2P specific servers for best performance.
No nasty letters from my ISP yet!
Have you been able to get ProtonVPN to work with WireGuard on Linux? I believe their VPN client on Linux only uses OpenVPN and I’ve tried to pull a WireGuard config file for a P2P server but every time I try to use it, I get no connection.
I haven’ tried that naw, sorry :/
I enjoy ProtonVPN and other services that come with the premium subscription. Proton Pass with email aliases is a very good addition.
Seconding this, Proton has been super easy to work with, and the ProtonPass alias feature just works beautifully
Airvpn with wireguard client prolly. I would just get a seedbox tbh roughly the same price but with more features
Thanks for the suggestion! This may actually be the route I may go, as I can seed MUCH higher than a 1.0 without affecting my home connection speeds.
Exactly.
You also get wireguard vpn free with seedbox. Albeit the location will be limited to Netherlands.
Is setup similar to a VPS where I can just connect from the command line and set everything up on the remote box?
yes same. but unlike VPSs you get more (but shared) resources but no root access.
Thanks for the info!
I was using mullvad for a few months and noticed that a lot of websites I wanted to use were not working for me. Plus they removed port forwarding.
Since then I have been looking for alternatives.
Currently I’m considering -
- Airvpn
- Azirevpn
- PIA
Pia seems to have a really good deal for the 3 year plan. This particular plan is so cheap that other providers prices seem ridiculously high. I have not heard much good things about PIA, so I still havent bought it.
I have generally heard a positive response on Airvpn.
Don’t know much about Azirevpn.
Are there any cheap yet “not shitty” vpn providers that you guys suggest ?
PIA is not good. It’s owned by Kape Technologies which has done sketchy things in the past.
I switched to airvpn. It gets the job done.
- Not as fast as mullvad on gigabit but it’s good enough
- the app doesn’t look great, but yeah.
- In general cheaper than mullvad.
- I have no idea if they are blocked from streaming sites, I only use VPN for torrents.
Mysterium looks pretty interesting, being completely decentralized. All the mainstream VPNs are pretty shady to me, being run in a centralized manner and some heavily marketed by “influencers”.
Isn’t that just tor but less secure?
It’s more like anonymously connecting to someone else’s wi-fi.
https://safing.io/ is ToR but less secure.
I tried learning about mysterium and it appears to be just a bunch of wire guard vpns in a network you can pay with Myst tokens. So no onion routing at all.
ivpn cuz you can pay with Monero
