I have used PIA for years now and really love their service, but I was wondering if it was safe for me to use WireGuard on top of it or if it even has any benefits.
It doesn’t have any benefits and might only introduce lags and routing issues. PIA already has an option to use WireGuard as protocol. If you know what you are doing you can use your own WireGuard instance to access your home network though and even configure them to use internet via PIA. But it’s not really necessary.
So you have two VPN clients installed on your computer that are supposed to route all of your traffic?
That won’t work, your computer will prefer one network interface over the other, as far as I know.
But even if it would work, and you would actually manage to access the internet first over PIA and then another hop over WireGuard, you actually lose all benefits of your PIA VPN.
If anyone wanted to identify you, based on your IP, they would look up who owns the WireGuard node, and since most likely you would be the only one using it, they could track you down.
You mean in place of… don’t run 2 VPNs.
Use WG for what? A commercial VPN is different than a VPN tunnel for PtS or PtP connections.
What is it you’re trying to achieve is the first thing to ask yourself.
Assuming you’re looking at privacy aspect, a double VPN like Nord offers, and you’re talking about your own WireGuard server, then you could spin up WireGuard in a Docker container and something like Gluetun (with your PIA config) in another container, set the WireGuard container to route all traffic through Gluetun and away you go.
Connect to your WireGuard instance as the entry node, by forcing all traffic from the WireGuard container through Gluetun with your PIA config you’ll be using PIA as your exit node, and the IP address you’re browsing from.
Is there any advantage to this? Kind of, your traffic is being encrypted twice, but at the expense of higher latency and potentially reduced speed.
That’s how I understand it anyway! I’d be interested to know if anyone agrees or if I’m just an idiot!
You know you don’t need to 0.0.0.0/0 on WireGuard right?!
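An added illustration of the 0.0.0.0/0 point above (not code from anyone in the thread): it reads a WireGuard config's AllowedIPs and shows which interface a destination would use when a PIA tunnel is also up. It uses a simplified longest-prefix, lowest-metric routing model; the interface names (eth0, pia0, wg-home), the metrics and both sample configs are assumptions, and real clients may add policy routing or firewall rules on top.

```python
import ipaddress

# Constructed sample configs; keys and endpoint are placeholders.
SPLIT_CONF = """[Interface]
PrivateKey = <placeholder>
Address = 10.8.0.2/32
[Peer]
PublicKey = <placeholder>
Endpoint = home.example.net:51820
AllowedIPs = 192.168.1.0/24, 10.8.0.0/24
"""
FULL_CONF = SPLIT_CONF.replace("192.168.1.0/24, 10.8.0.0/24", "0.0.0.0/0")

def parse_allowed_ips(conf_text):
    """Collect every network listed on AllowedIPs lines of a WireGuard config."""
    nets = []
    for line in conf_text.splitlines():
        key, _, value = line.partition("=")
        if key.strip().lower() == "allowedips":
            nets += [ipaddress.ip_network(v.strip(), strict=False)
                     for v in value.split(",") if v.strip()]
    return nets

def is_full_tunnel(nets):
    """True when the peer claims a default route (0.0.0.0/0 or ::/0)."""
    return any(n.prefixlen == 0 for n in nets)

def build_table(wg_conf, wg_metric=60):
    """Simplified route table of (network, interface, metric); names and metrics are assumed."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), "eth0", 100),
             (ipaddress.ip_network("0.0.0.0/0"), "pia0", 50)]
    table += [(n, "wg-home", wg_metric) for n in parse_allowed_ips(wg_conf)]
    return table

def pick_route(table, dest):
    """Longest matching prefix wins; ties go to the lowest metric."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in table if r[0].version == addr.version and addr in r[0]]
    if not hits:
        return None
    return max(hits, key=lambda r: (r[0].prefixlen, -r[2]))[1]

if __name__ == "__main__":
    for name, conf in (("split", SPLIT_CONF), ("full", FULL_CONF)):
        table = build_table(conf)
        # Home LAN host, then a documentation-range address standing in for the internet.
        for dest in ("192.168.1.10", "203.0.113.7"):
            print(name, dest, "->", pick_route(table, dest))
```

With the split config only the home subnets go over wg-home and everything else leaves through pia0; with 0.0.0.0/0 on both tunnels, the model sends all traffic to whichever default route has the lower metric.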
This was somewhat my thinking on it as well as far as the higher latency due to it being encrypted twice. It wasn’t really a necessary step for me, I was just asking out of curiosity but specifically to see if it would be more secure for torrenting. Didn’t realize there were so many types of VPNs until recently lol
I appreciate the feedback though!
Sure, I’m doing that exact thing. But OP sounded like he wanted to use two VPNs chained to each other for internet privacy, so I expected him to ask about that kind of setup.
Ok, so security/privacy wise, you would potentially benefit from a double VPN setup. Having a quick look, PIA doesn’t offer double-VPN servers. However, you could create one by connecting to their service twice, I only know how to do this from a Docker, but it works well.
You’d have to have a setup a bit like this. You’d build 3 containers (or possibly a single stack) like this:
Torrent Client
VPN1
VPN2
VPN containers 1 and 2 would run Gluetun and have PIA config, each would be connected to a different location. As part of the config, you’d tell your torrent client container to route its traffic through VPN1, and VPN1 to route its traffic through VPN2. With this approach you’d be sending/receiving traffic through 2 VPN servers.
Jim’s Garage on YouTube has a very good tutorial on setting this up.
A key thing to remember here is that WireGuard isn’t a VPN on its own, it’s a VPN protocol. In your case, PIA is your VPN provider, WireGuard is a protocol which PIA may use when creating the tunnel.