VPN: which one to choose and how to configure?


Due to the fact that the necessary sites or services often fall into the block, on the initiative of Rospotrebnadzor, the RevenueBot management will tell you about popular VPNs that can be used to bypass locks. This article will not contain a lot of information that is incomprehensible to most people who use a VPN. Here we will give a brief description of the two VPNs that we use ourselves. It is worth mentioning only one thing: if you are going to use a VPN alone, it is better to choose WireGuard. If the VPN will be used by more than one person, then you should choose OpenVPN.

WireGuard

WireGuard is a modern high-performance VPN. The main function of WireGuard is to ensure a secure connection between the parties through a network interface encrypted with public key authentication. This means that, unlike most virtual private networks, WireGuard does not apply a topology, which allows you to create different configurations by changing the configurations of the surrounding network. This model offers great performance and flexibility.

Now WireGuard is preparing to be included in the Linux kernel. To be more precise, it will appear in the kernel version 5.6, it even received praise from Linus Torvalds and in the US Senate.

Experts checked the speed of WireGuard and found out that it is able to bypass most encryption protocols, including the well-known OpenVPN protocol.

The reason that explains the high speed of WireGuar is the use of a fast and modern encryption algorithm, thanks to which the data transfer rate is very high.

In addition, this protocol is very similar to https, which allows you to deceive the DPI traffic analysis systems installed at your provider and bypass these locks by signatures.

You can read about how to configure WireGuard on your PC here.

OpenVPN

OpenVPN is a multiplatform, flexibly configurable, free VPN server with open source code, which is actually the “defacto” standard for organizing access to internal corporate networks. Most administrators use it with default settings or with typical configurations widely described in various HOW-TO. But is OpenVPN as simple as it seems at first glance? In this article, we will look at the hidden internal mechanisms of OpenVPN, which radically change the idea of its capabilities.

The OpenVPN server is distributed as source code or compiled packages ready for installation for various operating systems. OpenSSL is used as a library that provides encryption.

Most configurations for client communication with the server, as well as between servers, involve the use of a bunch of private or private/public keys to ensure the security of internal traffic. For corporate networks in the MultiPoint-To-SinglePoint mode, a PKI certification authority is usually used, which is easily built either using easy-rsa or based on XCA. For Point-to-point inter-service communication, a configuration with a shared key is mainly used. Let’s recall the main, well-known mechanisms and capabilities.

You can read about how to configure OpenVPN on your PC here.

184 views
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments