Does anyone have any opinions on TunSafe? It seems to be much faster than anything openvpn based. From what I understand, up until recently it was not open source. But that changed. I understand the wire guard is it to release their software for windows. The VPN I use, mullvad, recommends wire guard. I read in forums that previous versions of tunsafe might leak especially DNS queries. However, this seems to have changed with the recent release candidate, where all routes except those used by the tab are blocked. TunSafe passes all the tests I have run on it, including am.i.mullvad, ipleak.net, and dnsleak.com. I am curious if anyone has anything negative to say about, and if it’s safe to use.
I like WireGuard. It's much easier to setup than OpenVPN. However, it relies on a kernel module. That's one reason it's so much faster than OpenVPN. But it also means that you need a kernel module that works with your kernel. And in my experience, the best way is to build WireGuard. That's the hardest part in getting WireGuard working. In Debian, that means using the latest stable release (at least) with the latest kernel. Once you have WireGuard working, creating tunnels is utterly trivial. Code: peer 0 with IPv4 address 1.2.3.4 # ip link add dev wg0 type wireguard # ip link list see wg0 # wg genkey | tee privatekey | wg pubkey > publickey # mkdir wg # mv privatekey publickey ./wg/ # ip address add dev wg0 10.0.10.1 peer 10.0.10.2 # wg set wg0 listen-port 51820 private-key ~/wg/privatekey # ip link set wg0 up # wg interface: wg0 public key: 0GS...0U= private key: (hidden) listening port: 51820 # wg set wg0 peer IlC...QI= allowed-ips 0.0.0.0/0 endpoint 6.7.8.9:51820 peer 1 with IPv4 address 6.7.8.9 # ip link add dev wg0 type wireguard # ip link list see wg0 # wg genkey | tee privatekey | wg pubkey > publickey # mkdir wg # mv privatekey publickey ./wg/ # ip address add dev wg0 10.0.10.2 peer 10.0.10.1 # wg set wg0 listen-port 51820 private-key ~/wg/privatekey # ip link set wg0 up # wg interface: wg0 public key: IlC...QI= private key: (hidden) listening port: 51820 # wg set wg0 peer 0GS...0U= allowed-ips 0.0.0.0/0 endpoint 1.2.3.4:51820
I have used Tunsafe a lot, but I abandoned it because it's not open source. When I use a VPN I want to be absolutely sure that the software is legit. Tunsafe works fine though. An official client from Wireguard for Windows is soon going to be released! At last!
Do you have an ETA on when that'll be, because they've been saying that for months now and yet....nothing. That was the whole reason I went looking for alternatives. I seems like TunSafe might be opensource now.
This is great Linus Torvalds says: https://lwn.net/ml/linux-kernel/CA 55aFz5EWE9OTbzDoMfsY2ez04Qv9eg0KQhwKfyJY0vFvoD3g@mail.gmail.com/ Also see https://lwn.net/SubscriberLink/761939/4cee93b4fe564556/
TunSafe went open source a few days ago when they released the FreeBSD and Linux version. Windows version source is also there.
I've had problems with slow speed on Windows 7 when using the NDIS6 TAP driver that is included in the TunSafe installer. Switched to the NDIS5 TAP driver and no problems since then.
Their TAP-driver is their own version though, right? Thanks a lot for the heads up! That pretty much seals the deal for me. I'll use Tunsafe (Wireguard) instead of OpenVPN from now on then. We'll see how the "official" Wireguard client will compare to Tunsafe once it's released. I'll use the most mature of the two.
Very much so, yes. It has definitely gotten more secure because of the service integration. The tweaked blocking rules are a nice touch too. Does anyone know if TunSafe uses the WFP for it's firewall blocking rules? I ask because I see no evidence of it using the windows firewall.
Hi Folks, I have just started evaluating TunSafe on Android using one of the pre-configured servers. I wanted to use one of the UK options but ran into problems. I was using Brave and Chrome browsers. But, the Amsterdam #1 server worked fine. It's early days but an exciting development and a breeze to use. I plan to try it on Windows 10 next. JPC