Wireguard security questions

Hi,
I’m overwhelmed by the big speed increase with the new wireguard protocol.
On a forum I read that “by default, WireGuard saves connected IP addresses on the server. These user IP addresses are saved indefinitely on the server, or until the server is rebooted.

So how can vyprVPN deploy WireGuard while still ensuring user privacy (no-log-policy)?

Greetings,
Schleek

Thank you for you inquiry. Please see below for a detailed explanation from one of our architects.
By default, WireGuard does save the last known connected IP address indefinitely on the server as long as the WireGuard connection is configured on the server. That’s the beauty of the VyprVPN approach to WireGuard! When you click “Connect” the application talks to one of our global APIs to configure a WireGuard connection on a server for you. As long as you are connected, the server will know your latest real IP address (this is true for every VPN protocol because the server has to know where to send encrypted packets). But when you click disconnect, your application again talks to one of our global APIs to de-configure the WireGuard connection on the server. When this happens, the server discards this information. Also, we run a server-side process that looks for configured connections that no longer are receiving any information from the client-side. (i.e. your battery dies so your application never disconnects or you disconnect the VPN from the OS and not through the app) We automatically trigger the same de-configuration of your WireGuard connection on the server.

1 Like

And… how would your dev team resolve WG DNS blocking issue? Could it be customized in your app?