{"id":93,"date":"2019-10-03T11:22:16","date_gmt":"2019-10-03T15:22:16","guid":{"rendered":"http:\/\/iheinrich.com\/?p=93"},"modified":"2019-10-03T11:43:51","modified_gmt":"2019-10-03T15:43:51","slug":"vpn-protocols-and-wireguard","status":"publish","type":"post","link":"https:\/\/iheinrich.com\/index.php\/2019\/10\/03\/vpn-protocols-and-wireguard\/","title":{"rendered":"VPN Protocols and Wireguard"},"content":{"rendered":"\n

In a previous post, I discussed WHAT a VPN is and WHY you need a VPN. If you missed it, it\u2019s called, \u201cVPN and you<\/a>\u201c.<\/p>\n\n\n\n

So now that you know WHAT and WHY, let\u2019s talk about the HOW.<\/p>\n\n\n\n

A VPN Protocol is HOW the connection from you to the server is \ncreated and encrypted. It\u2019s really important as this will determine how \nFAST and SECURE your connection will be.<\/p>\n\n\n\n

Old and Useless Protocols:<\/strong><\/p>\n\n\n\n

  1. PPTP2: Written in 1995, it has been cracked by nearly everyone.<\/li>
  2. LPT2\/IPSEC: Written by Microsoft, LPT2 provides ZERO encryption and \nrequires IPSEC for the encryption part. But even that is useless as it\u2019s\n rumored that the NSA has cracked the encryption. The default port is \nUDP 500 making easy to spot and block if you\u2019re in a country that \nactively blocks VPNs, like China or the United Arab Emirates.<\/li>
  3. IKEV2: Another Microsoft classic, another NSA cracked. See a trend here?<\/li><\/ol>\n\n\n\n

    Current Protocols:<\/strong><\/p>\n\n\n\n

    1. OpenVPN: An open source project, it has yet to be cracked and is \nconsidered the model of security. Most VPNs use this, as you can change \nports, use UDP or TDP, and change encryption methods (but just don\u2019t use\n Blowfish).<\/li>
    2. RouterPro: This is only available as a JFIF applet installed on a \ncustomized firmware router and connecting to Astrill. Why do I mention \nthis obscure protocol? Because when I lived in a part of the world where\n they blocked every VPN connection, and OpenVPN connections were \nunreliable*, this worked like a champ.<\/li><\/ol>\n\n\n\n

      There\u2019s a new protocol and it\u2019s awesome:<\/strong><\/p>\n\n\n\n

      \"\"<\/a>
      This EXIT sign has a wire guard, shouldn’t you? \ud83d\ude09<\/figcaption><\/figure><\/div>\n\n\n\n

      <\/p>\n\n\n\n

      WireGuard<\/a>.\n WireGuard is a new protocol written using a fraction of the code that \nOpenVPN uses and even Linus Torvalds approves of the code. For a super \ndeep dive into WireGuard, check out the Ars Technica initial write up<\/a>.<\/p>\n\n\n\n

      I tested WireGuard at home and found it to 3x to 4x faster<\/strong> than my OpenVPN connection. It blew my socks off and forced me to re-think my VPN configuration for 2019.<\/p>\n\n\n\n

      You can even run WireGuard on your router if you have OpenWRT firmware.<\/p>\n\n\n\n

      As of this writing, there are only TWO VPN (Update: Many providers now offer WireGuard<\/em><\/strong>) providers who offer the WireGuard protocol.<\/p>\n\n\n\n