Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Using VPN app from VPN service vs. using VPN setup through macOS Network Preferences (IKEv2)?

Luba

Luba

macrumors 68000
Original poster
Apr 22, 2009
1,807
379
Usually I use my mobile Hot Spot to connect to the internet when out at cafés etc, but I have signed up for a couple VPNs because too often there isn't a good cell signal for the Hot Spot to work.

I set up the VPN under System Preferences --> Network Preferences using IKEv2, but the two VPNs I signed up for are pushing me to use their apps. Why do they want me to use their apps? It wasn't that difficult to set up the VPNs using Network Preferences. Do their apps using a protocol that's better than IKEv2? I do like the Internet Kill feature in their app. Is "Internet Kill" a feature in IKEv2? It doesn't seem that IKEv2 has "Internet Kill" because I'm still connect to the internet when VPN loses the connection.
 
BrianBaughn

BrianBaughn

macrumors G3
Feb 13, 2011
9,842
2,505
Baltimore, Maryland
There hasn't been a kill switch in the built-in macOS VPN client connection in previous versions of macOS and I don't know if the newest has it or not. I don't think so.

Tunnelblick (for OpenVPN) is supposed to have one now.

I think with most of the good VPN services it's best to use their software as it's usually more reliable and feature-rich. For example, the PIA app has the kill switch, port forwarding on some endpoints, can separate LAN traffic from VPN traffic, and can exclude chosen apps from routing through the VPN.
 
steve62388

steve62388

macrumors 68040
Apr 23, 2013
3,100
1,962
  • Like
Reactions: IowaLynn
R

Ruggy

macrumors 65816
Jan 11, 2017
1,024
665
I take it your VPN service has given you a server address, or a dedicated IP address to enter.

If you only ever want to use this one address then there is no real advantage in using an app, but what you usually get from the app is a variety of addresses to choose from.

So you can choose another server if the one you are using is slow or down , or you want to go to a different time zone where people are asleep in order to get faster connection that way or to get round a firewall for some reason like country censorship or to choose a poorer location in order to see if you can get cheaper airline tickets that sort of thing.
 
  • Like
Reactions: Luba
Luba

Luba

macrumors 68000
Original poster
Apr 22, 2009
1,807
379
Ruggy said:
I take it your VPN service has given you a server address, or a dedicated IP address to enter.

If you only ever want to use this one address then there is no real advantage in using an app, but what you usually get from the app is a variety of addresses to choose from.

So you can choose another server if the one you are using is slow or down , or you want to go to a different time zone where people are asleep in order to get faster connection that way or to get round a firewall for some reason like country censorship or to choose a poorer location in order to see if you can get cheaper airline tickets that sort of thing.
Click to expand...
Thanks for the info. The apps also offer/feature the option to set “internet kill” which I think it means if I lose the vpn connection it’ll kiLL the internet connection completely. Does the macOS Network Preferences offer that? It seems if i lose the vpn connection it’ll just continue my internet connection on the unsecured WiFi.
 
J

jtara

macrumors 68020
Mar 23, 2009
2,008
536
OpenVPN requires significantly greater compute resources than IKEv2.

Older Macs have CPUs that do not implement AES-N2 instruction set, and could possibly struggle with OpenVPN And in any case will make less CPU left for other processes.

OpenVPN can be easier to get through in environments where there is an effort to prevent you from using a VPN (such as a government or corporate firewall), because it uses https protocol and can be made to look like innocent web traffic.

i use IKEv2 to “phone home“ and emerge through my home router. I can use openvpn as a backup. I have no real use for a VPN “service”, but i do have a subscription. I can use it to watch British TV shows using i player shhhhhh! ;)

I trust Apple more than any third-party implementation. OpenVPN is at least open source though. I would not install any closed source non-Apple VPN software, period.
 
Luba

Luba

macrumors 68000
Original poster
Apr 22, 2009
1,807
379
jtara said:
OpenVPN requires significantly greater compute resources than IKEv2.

Older Macs have CPUs that do not implement AES-N2 instruction set, and could possibly struggle with OpenVPN And in any case will make less CPU left for other processes.

OpenVPN can be easier to get through in environments where there is an effort to prevent you from using a VPN (such as a government or corporate firewall), because it uses https protocol and can be made to look like innocent web traffic.

i use IKEv2 to “phone home“ and emerge through my home router. I can use openvpn as a backup. I have no real use for a VPN “service”, but i do have a subscription. I can use it to watch British TV shows using i player shhhhhh! ;)

I trust Apple more than any third-party implementation. OpenVPN is at least open source though. I would not install any closed source non-Apple VPN software, period.
Click to expand...
Using VPN mainly for unsecured WiFi and occasional iPlayer :)

If I use macOS Network Pref VPN which uses IKEv2 and if I lose the VPN connection will it automatically drop me on the unsecured WiFi? If yes, I guess I’ll risk it and use 3rd party apps that use OpenVPN and have the “Internet Kill” feature.
 
steve62388

steve62388

macrumors 68040
Apr 23, 2013
3,100
1,962
ruphtoon said:
hi,

wireguard will faster than openvpn?
Click to expand...

It’s definitely a lot faster at establishing connections. I also find it maintains connections better, but this could be down to the VPN apps I use rather than the protocol itself. My understanding is that on very high bandwidth connections Wireguard performs better ( https://www.wireguard.com/performance/ ) but mine is slow enough OpenVPN doesn’t throttle either, so I can’t speak from experience about that.

At this point, if your provider supports it, there isn’t a good reason not to use it.
 
R

ruphtoon

macrumors newbie
Jun 19, 2020
3
0
steve23094 said:
It’s definitely a lot faster at establishing connections. I also find it maintains connections better, but this could be down to the VPN apps I use rather than the protocol itself. My understanding is that on very high bandwidth connections Wireguard performs better ( https://www.wireguard.com/performance/ ) but mine is slow enough OpenVPN doesn’t throttle either, so I can’t speak from experience about that.

At this point, if your provider supports it, there isn’t a good reason not to use it.
Click to expand...
did you compare wireguard and ikev2 vpn on mac?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom