Aren't they just reselling Mullvad? So is everything said here true for Mullvad generally?
Edit: I use an always on VPN on my phone but I can only have one, and that's taken by my local wireguard so I can access the not-cloud services that I run remotely.
I've figured out how to connect Mullvad at the same time on that server, such that all traffic on the server goes through Mullvad. I can't figure out how to chain them. I want to make a request to my local network wireguard (wg0) and have any traffic that isn't local be routed through to the mullvad connection (wg1) so I can both access my local network and use the internet over the VPN. Has anyone don this or could anyone point me in the right direction? This is on a linux machine...
Sorry, Web Safe has blocked this site
This site has been blocked by Web Safe. It's listed as
having content that’s inappropriate for children,
involving either pornography, hate, crime, drugs,
violence, hacking, self harm or suicide.
Thank you, Virgin Media. At least they actually tell you they're blocking them now rather than just forcing a DNS failure.
Isn't that a UK thing which you need to opt out of, not a Virgin thing? They don't do that here in Ireland, while I was under the impression most UK ISPs at least had default on porn filters
I got Zen (another UK ISP) and the page isn't blocked, and I'm a happy Mullvad customer. In fact, I haven't encountered a site that's blocked on the ISP level with them.
Really? Your ISP treats you like this so blatantly? This is absurd, nonsense, being considered for practical purposes a child who needs to be controlled in their choices of "appropriate" viewing material. Disgusting. If you don't mind my asking, in which country is this?
You could just use plain wiregaurd built into the linux kernel... Download a tiny config from mullvad (there is a separate config for each server), pop it in `/etc/wiregaurd`, `chmod 600` and `chown root:root` it and use the `wg-quick` command to bring it up e.g `wg-quick up config-name`. That's it, no appy apps needed. I believe this is all the apps are doing, they just make it easier by retrieving and installing the configs for you and of course add more attack vectors in the process.
This is how i use wiregaurd and it's pretty easy via the wg-quick interface. If using systemd you can also generate a unit for a particular config to bring it up at boot with: `systemctl enable wg-quick@config-name` where config-name is whichever one you want from your /etc/wiregaurd dir.
If you want to be able to check a file to see it's up, e.g for i3status bar or something, you can use /sys like this: `/sys/devices/virtual/net/mullvad*/dev_id` i'm using a wildcard but you can be more specific if you aren't going to be changing configs.
Apps do much more. You can change location with a click, force kill switch, blocks ads or malware, change to openVPN if UDP is blocked, automatically connect and switch between networks, etc.
All of that will come to Linux UI once there's a network-manager-wireguard plugin, the same that one can do it for openVPN and the like now. Wireguard is still new, and network-manager was still finding the correct UX a year ago.
I need no advanced features, and I have no other WG servers to connect to besides Mullvad, so I’m simply using their app which handles everything for me.
Mullvad supports split-tunnel. Sure you can somehow set that up manually with the standard clients, but with Mullvad you can simply run a command with "mullvad-exclude" and the process will be exempt from VPN. Pretty convenient.
Either your wireguard endpoint should be the router / gateway for the local traffic, and ip_forwarding is enabled on that gateway, OR you have to specify routes in iptables for the different networks you want to reach.
ip route add <subnet> dev <device name> via <gateway or router>
Like this:
ip route add 192.168.1.1/24 dev wg0 via 192.168.1.1 (which is the router, usually).
Hey, thanks a lot! I started reading that and then I bought a router that runs OPNsense... I'm just going to run the whole network through the mullvad VPN. Setting up dynamic DNS and poking a little hole in OPNsense so I can connect to my local network wireguard... that's more of my speed.
Actually I got into the OPNsense documentation tonight, I think what I'm looking to do will be even easier than I imagined with it acting both as my local server and routing traffic to the mullvad interface... e.g. with my current local wireguard server retired. This networking stuff is crazy hard, I'd rather have a proper solution with good documention than what I was trying to do on a machine that has its own complocated local networks for libvirt and other stuff that I just kind of use without fully understanding.
From the Introduction: "This report describes the results of a security assessment targeting five Mozilla VPN Qt5applications and clients, together with their corresponding codebase"
It's only the client-side software in scope,not the VPN service itself.
I don't want to speculate as for the reason of the scope for the audit. Just answering the question "So is everything said here true for Mullvad generally?" with "No, the audit is only looking at the client-side software and is therefore not saying anything of Mullvad in general".
I was just about to comment "how does this compare to Mullvad?", had no idea they were basically the same thing. Mullvad is already great and available in more countries, so I see no reason to move to Mozilla VPN.
There's no problem having several wireguard connections enabled at the same time. Routes are selected per metrics/distance.
E.g:
A private virtual network between you and remote hosts won't be interrupted by the presence of a VPN service. The entry connection to the private network would be routed through the VPN service, though.
"AllowedIPs" detemines which target networks are allowed to be routed through the tunnel. If it actually gets routed or not depends on the software. wg-quick adds routes to AllowedIPs by default, systemd-networkd does not.
Mozilla VPN starts at $9.99/month with month to month pricing.
Mullvad is €5/month, period.
Mozilla pricing starts to align once you pay 12 months at a time.
At least on the surface, Mozilla isn’t providing a benefit to the consumer aside from an account / subscription management approach that is slightly more “normal”, and it’s unclear if that’s actually a good (or bad) thing.
Edit: I use an always on VPN on my phone but I can only have one, and that's taken by my local wireguard so I can access the not-cloud services that I run remotely.
I've figured out how to connect Mullvad at the same time on that server, such that all traffic on the server goes through Mullvad. I can't figure out how to chain them. I want to make a request to my local network wireguard (wg0) and have any traffic that isn't local be routed through to the mullvad connection (wg1) so I can both access my local network and use the internet over the VPN. Has anyone don this or could anyone point me in the right direction? This is on a linux machine...