VPN (WireGuard) works 100% - setup for PureOS

August 28, 2019

1. PROVIDER Mullvad (100% anonymous VPN).
2. PROTOCOL WireGuard.
3. SOURCE https://mullvad.net/en/download/all/
4. DOWNLOAD linux debian .deb file to download folder.
5. INSTALL right-click downloaded .deb file ->
select “open with other application” ->
select application “software install” to install .deb file.
select “view all applications” (if application called “software install” is not visible ->
6. CONFIGURE launch Mullvad application icon ->
left-click cogwheel, top right ->
select advanced ->
scroll down to “tunnel protocol” option & select “wireguard”->
select different global server connections to find fastest route and periodically change IP address.
7. TEST if connection secure, on Mullvad site “am I Mullvad” - (first disable WebRTC etc., in browser).

READING WireGuard VPN review (Ars Technica).

4 Likes

Thanks for sharing, But sadly I had a very bad experience with Mullvad. Actually I have signup Mullvad for streaming but it is very slow.

From 8 months I am using ExpressVPN no doubt it has such an awesome speed. Thanks to this review (https://www.reviewsdir.com/expressvpn-review/) for helping me in choosing ExpressVPN.

Mullvad is the only VPN I can find offering a genuinely 100% anonymous customer signup. Nobody else does this (that I could find of any relatively reliable provenance). Payment options include crypto currency. Global VPN speeds can vary greatly, but I have found it easy in practice to use the multiple location connection options to simply switch to the fastest routes I can find on any given date/time. This way I get really great speeds.

I have had an ExpressVPN service in the past - one of their people once let slip that they monitor user traffic and reported some European based users to the authorities for their online usage. The Mullvad service seems to attract those for whom private VPN usage is most important.

I don’t suggest any vpn or not share what I use. Visit multiple VPN service, check what they are offered, first avail trial period if you satisfied by their service “ok” else try another one. If anyone recommended you any vpn service might be he or she satisfied with its service but you don’t. If you are interested in selecting any VPN so it is the rigt time as many top graded VPNs just come up with exciting Black Friday VPN Deals and you get any of them in much cheaper rates.

1 Like

avoid those “providers” , use the “streisand” installer on your rental v-server instead. Gives you (essentially) full control.

For OpenVPN, Purism could also adapt the Passepartout app:

Currently it’s only on iOS, but I think one is being built to run on Android so that could be adapted for PureOS. It’s significantly better than the stock OpenVPN app and is provider-neutral.

Err, why would one want to adopt an iOS apo to adopt to a Linux-based technology? :thinking: Linux and NetworkManager and Gnome have perfectly able OpenVPN capabilities…

Mullvad is not as much good as per the expectations, i would suggest to go with industry’s best like expressvpn, nordvpn, cyberghost or surfshark or you can get some advice from thevpnexperts before approaching any top service that what’s the insights regarding that service.

No doubt they are the best vpns you mentioned, but surfshark doesn’t provide Venezuela server as per https://buybestvpn.com/south-america/venezuela/ this guide. I need to access Venezuelan content, need suggestions please.

Enhancing trust requires rethinking consent. Luckily, technical tools are emerging that could allow for a more flexible, tailor-made approach. I choose vpn on the basis of encryption level. Surfshark is the one that intact with dvanced security features.
Surfshark provides unbreakable security features including leak protection, AES 256-bit encryption, Kill switch, other security protocols as well as several other additional features that help you keep your data connections safe and secure.

After having try different VPN services, my experience and readings brought me to the conclusion that 99 % of services do not respect their users’ privacy and do collect data and store them.
As being said earlier, the Swedish Mullvad is one of the very few (if not the only one) to not collect any data, at all (for now). Even the excellent Swiss based ProtonVPN collects very few traces.
thatoneprivacyguy.org did a hell of a job referencing and detailing many VPN providers. If there are some details to update after time, the information is still good.

Yes mullvad + wireguard works pretty well under PureOS. I set up the connection in a linux network namespace, in which I run the applications in that should connect to the internet through the VPN.

I don’t use their software but my own setup script:

#!/bin/bash
set -e
NETNS_NAME="vpn"
DEV_NAME="wg0"
CONF=/etc/wireguard/$DEV_NAME.conf

ADDRESSES=$(cat ${CONF} |grep Address | cut -d = -f 2)
ADDRESS4=$(echo $ADDRESSES | cut -d , -f 1)
ADDRESS6=$(echo $ADDRESSES | cut -d , -f 2)
DNS=$(cat ${CONF} |grep DNS | cut -d = -f 2)

echo "IPv4: ${ADDRESS4} IPv6: ${ADDRESS6} DNS: ${DNS}"

# Create a Wireguard network interface in the default namespace.
ip link add $DEV_NAME type wireguard

# Load the Wireguard configuration.
wg setconf $DEV_NAME /etc/wireguard/$DEV_NAME.conf

# Create a new network namespace.
if [ ! -e /var/run/netns/${NETNS_NAME} ]; then
    ip netns add ${NETNS_NAME}
    ip -n ${NETNS_NAME} addr add 127.0.0.1/8 dev lo
    ip -n ${NETNS_NAME} link set lo up
fi

# Set up DNS
mkdir -p /etc/netns/$NETNS_NAME
echo "nameserver $DNS" > /etc/netns/$NETNS_NAME/resolv.conf

# Move the Wireguard interface to the network namespace.
ip link set $DEV_NAME netns $NETNS_NAME

# Set the IP address of the Wireguard interface.
ip -n $NETNS_NAME addr add $ADDRESS4 dev $DEV_NAME
ip -n $NETNS_NAME addr add $ADDRESS6 dev $DEV_NAME

# Bring up the Wireguard interface.
ip -n $NETNS_NAME link set $DEV_NAME up

# Make the Wireguard interface the default route.
ip -n $NETNS_NAME route add default dev $DEV_NAME
ip -n $NETNS_NAME -6 route add default dev $DEV_NAME

I used a similar script up until they implement Wireguard.
It was useful to try different VPN services to avoid installing many clients.
Such a script is useful to jump from one service to another.
And if Wireguard still has to be more validated, but it seems to be on the right path.