Support will be removed on both client and server side.

The process of removing OpenVPN from our app starts today and may be completed much earlier.

    • u/lukmly013 💾 (lemmy.sdf.org)@lemmy.sdf.orgOP
      link
      fedilink
      English
      arrow-up
      63
      ·
      5 days ago

      Except the 5 device limit. With OVPN it means 5 connected devices, with WG it means 5 registered public keys.

      Say you use the official Mullvad app and also setup some 3rd party WG client on your phone. That’s now taking up 2 devices. Or perhaps you do have 6 devices, but you never have more than 2 of them running at once. With WG, that’s still 6 devices regardless of them being connected or not, while with OVPN it will indeed be just 2 devices.

      • communism@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        4 days ago

        That’s true. I use user profiles on GrapheneOS and have to have each profile count as its own device in Mullvad, when obviously I’m not going to be using them simultaneously.

      • PunkiBas@lemmy.world
        link
        fedilink
        arrow-up
        13
        ·
        5 days ago

        This is a great point, if they’re gonna make this change, they should allow unlimited keys (or at least more than 5) and just limit the number of simultaneous devices on wireguard too. If that’s feasable

        • NekuSoul@lemmy.nekusoul.de
          link
          fedilink
          arrow-up
          11
          ·
          5 days ago

          It might be feasible, but it’s a bit awkward to implement because Wireguard is stateless and doesn’t know if a client is offline or just hasn’t sent any traffic for some time.

      • MentalEdge@sopuli.xyz
        link
        fedilink
        arrow-up
        6
        ·
        edit-2
        5 days ago

        That’s a pity.

        Is there something preventing you from having the same key ready for use on more than one device? So that two devices that are never connected at the same time can take turns using the same key?

      • RecallMadness@lemmy.nz
        link
        fedilink
        arrow-up
        1
        ·
        5 days ago

        One of my devices uses three keys because out of the two local servers I have, they seem to go down every other month, so I need a failover.

        • MentalEdge@sopuli.xyz
          link
          fedilink
          arrow-up
          12
          ·
          5 days ago

          I already commented on this, but do they actually block you from setting up multiple devices with the same key?

          I’ve had my own server node for a while, there’s nothing stopping me from using the same key and config on multiple client devices, as long as I don’t connect them at the same time.

          I’m not limited to five keys, obviously, but the keys aren’t device specific. I could set up just one on the server, and then use it everywhere.

          Does Mullwad stop this in some way?

          • ReversalHatchery@beehaw.org
            link
            fedilink
            English
            arrow-up
            4
            ·
            5 days ago

            I already commented on this, but do they actually block you from setting up multiple devices with the same key?

            I don’t think that’s possible to block, but it could lead to problems (responses not arriving) when both devices try to use the same key.

            • MentalEdge@sopuli.xyz
              link
              fedilink
              arrow-up
              6
              ·
              5 days ago

              Well yeah, you’d still have the limitation that you can’t connect multiple devices at the same time. But the idea is that just like before, nothing is actually stopping you from having as many devices as you like ready to go, all able to be used one at a time.

    • AllNewTypeFace@leminal.space
      link
      fedilink
      arrow-up
      24
      arrow-down
      1
      ·
      5 days ago

      Wireguard is more elegant and performant, and has a smaller attack surface. OpenVPN, meanwhile, is a legacy protocol, and retiring it should be a good thing.

        • Rogue@feddit.uk
          link
          fedilink
          arrow-up
          21
          arrow-down
          3
          ·
          edit-2
          5 days ago

          About the same time VPN platforms started migrating away from it

          • EveryMuffinIsNowEncrypted@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            14
            arrow-down
            1
            ·
            edit-2
            5 days ago

            I feel like that’s kind of a case of circular reasoning though: we move away from it because it’s legacy, and it’s legacy because we’re moving away from it… Mind you, I’m no expert on VPNs; this is just something I thought I’d bring to attention here.

            • verdigris@lemmy.ml
              link
              fedilink
              arrow-up
              2
              ·
              4 days ago

              That’s what makes software legacy; it falls out of popularity. Plenty of terminal applications have barely changed since the 80s, but they’re not “legacy” because they’re actively used and maintained.

  • pineapple@lemmy.ml
    link
    fedilink
    English
    arrow-up
    28
    arrow-down
    2
    ·
    5 days ago

    If wire guard is just bettr then I don’t see any reason to suport OpenVPN anyway.

      • NekuSoul@lemmy.nekusoul.de
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        5 days ago

        That’s kind of weird, because the reason why I never bothered with (selfhosted) VPNs before Wireguard was because it was the first one that just worked. Granted, due to its nature, you don’t get a lot of feedback when things don’t work, but it’s so simple in principle that there’s not a lot that can go wrong. For external VPNs like this, it should just be: Load config, double-check, done.