@clarity We only have Linux clients, and I plan to distribute the config & keys via ansible. Every user has to bring in their device either way, because of the upgrade to 24.04
🎉 NetBSD 10.0 Released With Much Improved Hardware Support & Faster Performance | Phoronix
「 #NetBSD 10 provides #WireGuard support, support for many newer #Arm platforms including for #AppleSilicon and newer #RaspberryPi boards, a new Intel Ethernet drive, support for Realtek 2.5GbE network adapters, #SMP performance improvements, automatic swap encryption, and an enormous amount of other hardware support improvements that accumulated over the past 4+ years 」
I had a docker ...VPN setup... w/ #wireguard working for a while, but no matter which image I used for the network bridge the wireguard part connects, but stopped working. Then I switched to OpenVPN, which is sadly a lot slower, but my 2 month broken setup started working!
@leetNightshade
maybe that is because OpenVPN uses TUN, and WireGuard doesn't.
Haven't looked at the details (and docker is a plague :-p) but "glueTun" suggests that it does something TUN specific
@Doomed_Daniel You mean in terms of speed? I heard, I just don't have an idea of what TUN is yet. Oh user space instead of kernel space, makes sense!
I'm just disappointed Wireguard randomly broke out of the blue with no changes on my end as far as I can tell; many other docker VPN people affected by this across different images from what I'm reading.
I'm just sad while I got my setup working, it's not running the way "it's supposed to." 😅
Am I doing something wrong or why does everyone hype #wireguard so much? I don't think it is easy to setup. Maybe I a missing the go-to simple tutorial. All the tutorials I found don't work or are overly complicated.
I just want to try whether wireguard might be better than ssh-tunnels.
Shouldn't be too hard to setup wireguard on a blank ubuntu 22.04 server? Should it?
Also: the wg android app seems to just not connect and not even give a status?!?
Why does it say it is connected but its not?
#openwrt and #wireguard are ace! With a Gl-iNet AR-750S I'm connecting to any rando internet connection and appearing the rest of the world as if I'm sat on my sofa*
*I am, I'm testing it in prep for holiday by tethering my mobile over USB onto the giffgaff network; but there is no hint of the mobile network in the traceroute
@scudderfish indeed! I have the side switch set to enable/disable VPN so that I can first connect without VPN, enter whatever is needed on the captive portal of the hotel, then flick the switch so I don't even need to open the admin page again
im in a public library, and i think they throttled my wifi, because Apparently, you're not allowed to push Gigabytes worth of data over your own #WireGuard connection :(
Gitea behind Nginx as a reverse proxy, or god forgive me, multiple reverse proxies, behaves differently.
you need to make sure that Nginx allows for the payload to be big enough to send the data, makes sense. i thought git lfs worked over ssh as well, turns out that part goes over http :/
@bram just rigged all this gitea up as well, but with apache instead. hopefully i remember you discovered this if i start running into weird post limit glitches.
Versuche gerade, #WireGuard#VPN zu meiner FRITZ!Box einzurichten. Der WireGuard Client am Mac und auch am iPhone sagen jeweils, dass die Verbindung aktiv ist aber dann funktionieren jeweils keinerlei ausgehende Verbindungen mehr. Währenddessen wird in der FRITZ!Box auch nicht angezeigt, dass eine VPN Verbindung aktiv wäre.
Wo fange ich da an zu suchen?
@joy Thanks for the reply, Joy. The reason I tagged @zerotier is because it's hard to mention mesh VPNs without mentioning the notable incumbent in the industry.
I didn't mean to imply that ZeroTier uses WG or Noise protocol.
If you've followed our recent posts, you already know that we gave Shorewall a try to tidy up our VPN firewall rules and gain full overview about our configuration. Our migration to Shorewall has been successful and we'd like to share some insights in our configuration:
Shorewall by Tom Eastep is just perfect for small to mid size firewall deployments that are mostly static and not too complex. One of our developers uses OpnSense and PfSense for more complex scenarios in his private projects.
Which firewall / configuration tool do you use and why?
👩🏽💻 Interested in accessing your Nextcloud from anywhere, on any device, without being exposed to the public internet?
🔐 Increase your security and keep your users and data safe!
🕸️ @tailscale allows you to create a mesh network on your mobile, desktop, and servers - all protected by #Wireguard VPN and as user friendly as it gets.
Alex shows us how in this speedy less-than-10-minutes tutorial 🦾
We're currently evaluating Shorewall 1 as a more sophisticated Firewall / iptables configuration tool.
Configuring iptables manually 2 works, but can get messy and thus is error prone. For our VPN server with its many customer VPNs, we are looking for a clearer solution that can be easily configured via configuration files. One of our developers has already used Shorewall and is impressed by the software. It was therefore a natural decision to take a look at it.