Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I had IPSec VPN set up on my iPhone for a year, zero problems. Native Apple client, no apps to install, just a profile file. It is always on for all traffic.


The client side story for IPSec is great, but configuring the (strongSwan) server is far from trivial. There are many decisions to make, and mistakes to avoid.

Yes, amazing projects like Algo exists, but you can't use these on all platforms (ex: OpenWRT).

My hope is that wireguard will provide a much easier (and safer) setup experience.


> server is far from trivial.

Yes, but most people will use commercial VPN providers, with added benefit of obscure IP address, with your own server IP is still unique to you.


That's only one of many legitemate uses for a VPN.

Personally I use a VPN to connect back to my homenet when I'm out on the road, or to connect to my company's network when out of office.

If you think the only usage of a VPN is anonymizing your IP, you have an incredibly lacking understanding of the history and use-cases for a VPNs.


Again :) No third-party apps to install for IPSec VPNs, this is seriously more secure


> No third-party apps to install for IPSec VPNs, this is seriously more secure

Just as telnet.exe is available on Windows but ssh isn't, so telnet must be more secure.

It depends on your threat model and also on the tech below.


Not a valid point, telnet is not encrypted, IKEv2 is pretty solid.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: