Android has a built-in VPN client; has anyone tried it? I’m really curious why almost nobody is using it or talking about it.
Any downsides to using it? Proton VPN supports it, and having one less app on my phone would be beneficial.
IIRC Vowifi uses ipsec.
IKEv2 seems still being used in corporate environments, but I do agree it is so old and should not be used unless necessary.
I wonder why google does not bake ovpn and wireguard into aosp.
On built-in IPSec support:
https://xcancel.com/GrapheneOS/status/1636041905451462656#m
https://xcancel.com/GrapheneOS/status/1655953875755585542#m
On future, built-in WireGuard support:
https://xcancel.com/GrapheneOS/status/1786531088652705911#m
https://xcancel.com/GrapheneOS/status/1730428907793362960#m
On built-in IPSec/WireGuard resistance to existing Android VPN leaks:
https://xcancel.com/GrapheneOS/status/1798751369626624035#m
TL;DR:
-
Using the built-in IPSec support is recommended by the GrapheneOS developers and is more secure (if using modern ciphers) than OpenVPN but WireGuard is more secure than IPSec. Other recommendation by the team is the official WireGuard app.
-
Built-in WireGuard has an implementation in the kernel but cannot be used by users yet. Likely to be implemented at some point in the future by Google themselves or the GrapheneOS developers if Google takes a long time.
-
Built-in VPN support (IPSec and WireGuard in the future) are resistant to all the VPN leaks that currently exist on Android.
3 Likes
The link should be correct.
Here is the quote:
“We developed a fix for the main issue with those apps, it didn’t work out due to causing app compatibility issues and we don’t know how to proceed. We’ve determined those leaks don’t impact the built-in IPSec VPN support and wouldn’t impact future built-in WireGuard VPN support.”
1 Like