Hacker News new | past | comments | ask | show | jobs | submit login

This is very welcome news! I had a seamless time using wireguard (via a streisand installation) on my honeymoon in Italy on my phone and more importantly, my wife's phone. It worked seamlessly.

Next up I'd like to see this be an easy config option in Unifi's network managment tools




> I had a seamless time using wireguard (via a streisand installation) ...

I've been using Wireguard via https://github.com/trailofbits/algo for a while now. Of all of the VPN experiences over the last couple of decades, Wireguard has been light-years ahead of the rest.

First: it's fast. If the server is up and you don't have packet loss, you can't tell when it is turned on. For fun, I wrote some trivial automation to automatically and randomly switch between a few wireguard back ends, and I generally can't detect it.

Second: it's easy. For me, an experienced technical user. I don't know enough about the ecosystem to recommend it to less technical people, though given how basically sound it is, I'll be surprised if there aren't really easy and robust front-ends coming up.


Third: it doesn't wreck my battery life, like others do.

I've been using now wireguard for the past two years, really happy with it!


> Second: it's easy.

To give you some perspective, it's so easy that my four year old knows how to turn it on when we're traveling and she wants to watch PBS Kids.


But can your 4 year old set up Wireguard on a Debian server?

Psh, didn't think so. Amateur.


Her first desktop interface will be a command line, so after she learns to spell, give her a year. :P


my 4-year-old son learns English using sheLL :)


Now I'm wondering if sheLL is a special thing or if you just held the shift key down by accident. Sadly you can't easily do a case sensitive search so I can't figure it out.

But either way, that seems like a good idea.


At the terminal with wg-quick, in NetworkManager, on a phone? Just wondering how impressive your kid is.


On my Macbook there's a drop-down menu hanging off a menu bar icon. I feel like I could definitely show a little kid how to get themselves on the VPN.


I didn't know that. Ubuntu user.


iPhone. But the desktop is super easy too.


After switching to wireguard I've been really blown away at how much better the experience is on a phone than other VPN methods. It's always on on my phone as long as I'm not using my home wifi, and I just never need to think about it.


On iOS it's still a userspace client, as I understand it, and the additional battery drain was very noticeable for me.


I noticed a HUGE battery drain with other VPN clients like PIA's app or just OpenTunnel, but either my 3 year old iPhone X has a great battery, or the battery drain from WireGuard has been unnoticeable for me.


1 year old iphone 8 here and Wireguard was noticeable (vs no VPN). I did not try other VPNs.


I use an iPhone SE for work with a WireGuard VPN, no noticeable drain (beyond that battery life is generally pretty bad compared to my Android, even when WiFi/data/bluetooth/gps are turned off).


Do you have an automated way for turning it off when you're on home wifi? Trying a similar setup, and it isn't immediately clear other than via manual activation how to not use Wireguard in that situation.

Thanks.


The built-in "on-demand activation" is quite good. Can set it to specific SSIDs (white or blacklist) or cellular. I've it on for everything except my home SSID.

Edit: I'm talking about the iOS version, not sure what platform you're using.


No such luck on Android, you need to use tasker or similar. Really a nuisance but not a deal breaker. It would be dreamy to set up the client to not use specific SSIDs.


I want to point out that the intents on the official Wireguard Android app are not exposed, so I, not being rooted, can't use Tasker to automate it.

However, there are other Android apps that implement Wireguard that do expose their intents. I use Viscerion with Tasker quite happily.


What iOS client are you using? I am using the Wireguard one (the the twisty snake/dragon) and don't see any of these options. Is this stuff that is done in the config files? Sorry, all new to me.


It's in there! Scroll down to the "On-demand activation" section of the settings for your connection


There it is! Thank you!


Yep, this is what I do. It just doesn't connect when I'm connected to my home WiFi


On Android this can be easily achieved by Tasker.

Personally I have the luxury of running the VPN server at home, so I can just always leave it on.


Why does this allow you to allows leave it on?


Presumably minimal latency from phone on home wifi to server on home wifi. I actually have no idea if this is true, or how I'd evaluate it. Does anyone understand how the internet and wireguard works well enough to know if this is true?


That's what I was wondering. I've actually done this using OpenVPN (connected to my home VPN server while on home wifi), and it worked fine. Biggest issue was battery impact, but wireguard might be better in that regard?


Well since I connect to my home network anyway I can just leave it on at home and there's no difference in performance.


I havent used it so i cant vouch for it personally, but IFTTT has been recommended to me highly.


It works great on mullvad for me, never any issues. I just installed the PPA for Ubuntu 18.04 and everything else was easy peasy. Some people say it's faster for them but I don't see that on my Gigabit connection, just a bit less CPU compared to openvpn, but neither really uses all that much, it's a fraction of a single processor on my 6 core machine.


I don't remember exactly when I started using it but it feels like forever and I have forgotten about all the VPN nightmares that I had before. I can't wait for Wireguard support in all kinds of routers and other appliances.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: