Evening all, just switched VPN provider and in the settings you can have automatic which I don’t feel comfortable with, Wireguard and IKEv2 and some others. Which of the two named are the most secure?
IKEv2 can be used with many different cipher suites, from null encryption which provides no security, to strong suites including ChaCha20 Poly1305 used by WireGuard. But I don’t know the algorithm used in your case since it depends on the implementations and configurations.
StrongSwan is a popular open source implementation: Redirect Notice
Wireguard is not only designed to form secure VPN and packages, it also has fast connection. Compare to Wireguard, IKEv2 is outdated.
IKEv2 can use strong ciphers if configured to do so, however it’s part of the IPsec family and as such it comes with a number of disadvantages. For example, IPsec based protocols don’t behave well behind NAT, and are difficult to implement on server side. They’re easy to block because they always listen on the same ports. So they don’t provide much granular configuration. Last but not least, although, still supported IKEv2 is some what legacy technology compared to Wireguard.
Secure in what way, exactly? What are you worried about?
Answering your question in a vacuum, typically I’d recommend wireguard if it’s an option.
Thanks for the information
Thank you for your explanation, really appreciated.
Openvpn is not perfect either. Each software has its advantages and disadvantages
I think wireguard is slowly taking off openvpn’s market share while enterprise will be stuck with IPsec forever.
Big disagree. It’ll take longer, but IPsec is going the way of the dodo in the 20’s. Finally.