So I use Arch Linux, and I have seen across the forum that some people say it is better to use a Wireguard config that the VPN provider offers instead of there VPN client. How is this better? Should I just keep using Mullvad’s client?
Its better because you can set up Wireguard for your VPN and enable the killswitch too (which not all VPNs provide for Linux and they may not work perfectly all the time). So, this way is “recommended” for certainty with a proper 100% secure set up of your VPN so all your traffic is always forced to flow through your VPN tunnel.
Since the WireGuard tools and available configuration is limited (and rightly so, for simplicity), you may need to use your provider’s client/app for additional features.
E.g. for Mullvad
- DAITA
- Quantum Tunnels
- Killswitch (as @JG mentioned), though that may be more reliably set up using a good
iptables/nftablesrule - Etc.
An example for Obscura: our base protocol is QUIC-based for better obfuscation (though we layer WireGuard on top of it), so you’d have to use the client/app to get that feature, though we do offer a WireGuard-compatible protocol as well.
1 Like
Mullvad and Proton have support articles to how to set it up on Linux:
–
This comment is not necessarily directed at you but since you mentioned iptables.
The links I mentioned have a pretty easy solution - you simply have to copy paste a few lines of code in the config file before putting it in your etc and wireguard folders on Linux and turning it on.
2 Likes