
Wintun – Layer 3 TUN Driver for Windows - axiomdata316
https://www.wintun.net/
======
zx2c4
I had posted the announcement email here a while ago, but that didn't make the
HN cut. It's got a bit more context and info if you're interested:
[https://lists.zx2c4.com/pipermail/wireguard/2019-March/00403...](https://lists.zx2c4.com/pipermail/wireguard/2019-March/004038.html)

~~~
Randor
Hi,

Where is the Windows client source code?

------
accrual
This driver is provided by the original author of Wireguard, an open source
VPN solution. [0] Here's a link to the source if anyone is interested in
browsing. [1]

As an aside, I appreciate the simple and straightforward web design on this
page. No JS is required and it offers interesting and original artwork to
boot.

[0]
[https://en.wikipedia.org/wiki/WireGuard](https://en.wikipedia.org/wiki/WireGuard)

[1]
[https://git.zx2c4.com/wintun/tree/wintun.c](https://git.zx2c4.com/wintun/tree/wintun.c)

------
mises
Great to see wireguard is taking Windows support seriously, rather than just
using the openvpn driver. Currently on tunsafe, but I'm excited to switch over
to the first-party client when it's available.

~~~
zvrba
So, genuine question: why would one use a 3rd-party VPN client in windows when
Windows 10 comes with a built-in client supporting PPTP, L2TP/IPsec and IKEv2?

What is better about OpenVPN or Wrieguard?

~~~
ownagefool
IPSec is considered compromised by complexity. Your encryption shouldn't come
with footguns, the UX should be designed in a way that just works.

Wireguard has a limited amount of configuration, a small code base and has
been reviewed. This gives us a greater level of confidence in it. Obviously
this needs to stand the test of time and you'd be connecting to a wireguard
server.

There may be specific technical worries about the IPSec protocol, but I'll
leave that to someone more knowledgeable.

~~~
LIV2
I can only assume the people who describe existing VPN technologies as "too
hard" are the people hired to do things badly in infomercials.

Setting up IPSec site-site tunnels can be a frustrating experience but setting
up IPSEC/L2TP is piss easy with any router I have worked with, maybe it's hard
to bang together a working config on a Linux server but I wouldn't know.

~~~
akerl_
I'm not sure where you're quoting "too hard" from; it doesn't occur in the
comment you're replying to or in the WinTun site.

The complexity folks are referring to is the volume of code, number of config
options, and the equivalent increase in "wrong but functional" ways the code
could work. As an end user, one of the worst possible outcomes is that I set
up a VPN and the tunnel works for my traffic, but due to an error on my part
or a bug in the code, the connection is not secure.

Wireguard's codebase is designed to be small, easily auditable, and expose the
minimum necessary config choices. This is specifically to guard against these
risks.

------
atesti
Did someone find the interface specification how to access this driver?
Probably by opening the device, but what would one write and read into it? IP-
pakets? How to configure the IP and routing?

------
lousken
can't download the prebuilt file - 404

