If you follow the world of VPNs closely, know the VPN protocol WireGuard. It is lightweight and very fast. Maybe you are also familiar with NordLynx. This is the WireGuard implementation of NordVPN (big discounts NOW)*, which was previously only available for the Linux client. The good thing is that NordVPN also offers the slim client for the Raspberry Pi, more precisely Raspbian. From now on NordLynx will be rolled out on all apps. This means that you can use WireGuard with the NordVPN app on Android, Windows, macOS, iOS and of course Linux.
Important note: The function will be rolled out step by step. Not everyone will get the new VPN (Virtual Private Network) clients simultaneously and you may have to wait a few days until NordLynx arrives. The goal is to have all new apps distributed April 24th.
It is not difficult to use the new protocol.
On Android you find the new option in the settings.
What about the security and NordLynx?
WireGuard is fast, but there are concerns about anonymity. NordVPN protects the privacy of the users by using double NAT (Network Address Translation). The double NAT system creates two local network interfaces for each user. One of them is used by all users connected to the server. So, you will be lost in the crowd as before.
The second IP address is only assigned to you during the session and no data is stored on the server. You are therefore not identifiable. In the end, the endpoint will not see your WireGuard IP address, but a general one from the NordVPN network. At least that’s how I understood it.
NordLynx / WireGuard is faster – much faster – good for streaming
My speed tests have shown that NordLynx is faster than OpenVPN. However, I could only test it under Linux so far. During the release of NordLynx for all apps the provider wrote that they did 256.886 internal speed tests. According to NordVPN the new VPN protocol has left the established IKEv2 and OpenVPN far behind.
This is valid for connection times as well as download and upload were constantly faster than a connection with OpenVPN. This does not mean that OpenVPN is slow, but better performance is always welcome. You can also switch at any time, if you feel like using a different VPN protocol. The others won’t be removed.
WireGuard is roaming capable by the way. So, you can switch networks without disconnecting from the VPN server. Now it can always happen that a VPN server fails completely. But for this, the client of NordVPN additionally offers a so-called kill switch. If this function is active, it will cut off all connections to the Internet as soon as your connection to the Virtual Private Network is disconnected.
If you use your VPN primarily for streaming, a higher speed will also be handy. The minimum requirements of streaming providers are relatively low, but you will only get the lowest quality. Especially if you want to avoid geoblocking, you want to have high speeds so that you can stream hassle-free.
Lower latency with NordLynx is an advantage for VoIP, video calls and so on. So, all real-time applications benefit from lower latency and faster response times.
Does NordLynx have disadvantages?
The only small disadvantage I can see at the moment: There are fewer sites that are equipped with WireGuard.
It is possible that these countries will also be equipped with WireGuard at some point. Especially for Finland, I cannot imagine that there will be no improvements. In any case, this is a disadvantage that I can live with at the moment.
Further advantages of NordVPN and NordLynx
NordVPN is one of the most user-friendly VPNs on the market. Except for the CLI Linux client, the clients for the other operating systems are similar. You just type or click on the country you want to connect to and the software does the rest. It does not get much easier. But you can also connect just like that and the client takes the server that responds fastest. This is usually a server that is located near you.
If you only want to protect your traffic and maintain your anonymity, you don’t need to worry about the server. With geoblocking, however, it becomes more specific.
Of course, you can build your own WireGuard VPN server using a Raspberry Pi. This is not that difficult. However, you won’t be as flexible in bypassing geoblocking as you would be with a global VPN provider like NordVPN*. Besides, anonymity is most probably also not given with your own server.
If you only want to protect yourself in free Wi-Fi hotspots, hotels, Airbnb, on the bus and so on, then a self-made solution is certainly a good idea. But if you want to beat geoblocking, connect to other countries and so on, then you are better off with a VPN provider. The packages are no longer expensive. NordVPN only costs around €3 per month if you take a three-year subscription.
Short overview of the functions of NordPVN:
- Headquarters in Panama – outside the 5/9/14-Eyes-Alliance
- The provider has a zero logs policy
- Over 5000 servers in about 60 countries
- In the future, all servers will run in RAM
- Stealth servers help against censorship
- Up to 6 simultaneous connections
- 30-day money-back guarantee
- No bandwidth limits
- 24/7 support via live chat
- CyberSec is an ad blocker that also protects against trackers and malware as well as phishing
- Clients are available for Linux, Android, Windows, iOS, macOS and browser add-ons
- Runs perfectly on Raspberry Pi (no problems for months)
- Installation on router allowed (counts as 1 device – use my Raspberry Pi as VPN router)
- P2P / torrents are permitted
Take advantage of the 30-day money back guarantee and test NordLynx without risk. If you dislike the service, you will get your money back.
The provider usually does not ask questions and refunds your money rather quick.
CyberSec briefly explained
The CyberSec function is one of the best features of NordVPN. It is an ad blocker, but it also blocks trackers and malware and protects against phishing. The function is included in all clients of NordVPN, including the extensions for Firefox and Chrome.
However, the function is not activated by default. There is a good reason for this. Some websites don’t like active CyberSec. If you activate the function, keep this in mind.
As soon as I leave the house, the VPN with CyberSec is active on my smartphone. At home, my traffic runs through a Pi-Hole and/or the VPN router with CyberSec active, so I usually don’t need a VPN on the individual clients at home.
NordLynx also for Windows
The Windows version now also offers WireGuard as a protocol.
All you have to do is set it up and you can use it immediately.
I was there from the beginning
I was one of the early testers of NordVPN’s WireGuard implementation. In the very beginning (2018) there were only two servers and I had to set up WireGuard manually. With NordLynx for Linux (July 2019) testing became a lot easier. The Linux client certainly had major quirks in the beginning, but the developers reacted quickly to my bug reports. They still do that today.
Compared to the first versions of the Linux client it has improved a lot.
The Linux client has been improved and is still under active development. On its website NordVPN offers the Linux client for Debian-based (Ubuntu, Linux Mint, Raspbian) and RPM-based (Red Hat, Fedora, openSUSE) Linux distributions. By the way, the client is also available for Manjaro or Arch – it is located in AUR and is called nordvpn-bin.
Tip: After the installation via AUR you have to activate the daemon first. Otherwise, the client does not work like in the other linux distributions:
sudo systemctl enable --now nordvpnd
It works really well and the thing is fast. In Linux you can change between OpenVPN and NordLynx like this:
nordvpn set technology nordlynx
nordvpn set technology openvpn
Using the command
nordvpn set cybersec on
you activate CyberSec, if you would like to use it.
Why do I need a VPN?
There are several reasons why you want to use a VPN (Virtual Private Network). As already mentioned, some people only want to protect themselves in public networks.
If you are travelling, you might like to use the open WLANs in restaurants, cafés and so on, just like me. First, I don’t know who else is on the same network, nor who set up the network. I have also seen compromised routers in countries like Egypt or Indonesia (DNS redirections).
By the way, VPNs are blocked in Egypt, but not illegal. But thanks to the stealth function, NordVPN works very well there. The service also works in other countries with censorship like Russia and China (can crack the Great Firewall). If you want to know if a VPN is illegal in a country, you should do your own research. Laws can change. In most countries VPNs are legal. In North Korea, for example, it would be illegal.
Others want to circumvent geoblocking. You can use your VPN to watch Netflix US or BBC iPlayer.
Others don’t want to put up with the stress of having to manage their own VPN server because of €3 per month. I do this for fun or because I am interested. But since I can now use NordLynx / WireGuard on Android, my own VPN server might get less attention. But I will keep it running because a backup can never hurt.