Our work advances with MidoriVPN, a private and secure system that uses #wireguard Multiple instances and mesh technology. Soon to be integrated into #midoribrowser.
Question to #sysadmin and #selfhosted specialists. We are looking for a free and preferably open-source #wireguard solution with MFA for ~200 devices. Closest that I was able to find was #defguard, but it allows people to self-register devices and not so granular access per-user. We need to control access through VLAN so we have to control each device rather than user.
@clarity We only have Linux clients, and I plan to distribute the config & keys via ansible. Every user has to bring in their device either way, because of the upgrade to 24.04
wow! geiles verfahren. insbesondere rethink dns kannte ich noch nicht. aber da dieses mehrere wireguard endpunkte parallel verwalten kann wird das nun mal angetestet. happy hacking!
@stefano great tutorial. 🙂
I do something very similar. My home lab is exposed via IPv6, but sadly IPv6 only is still not a viable option. Too often, I find myself in networks where IPv6 is disabled.
I have a VPS with an IPv4 where I use soccat to proxy ports 443 and 80 to my home lab server (connected via a Wireguard tunnel). The reverse proxy itself is running directly in my home lab.
🎉 NetBSD 10.0 Released With Much Improved Hardware Support & Faster Performance | Phoronix
「 #NetBSD 10 provides #WireGuard support, support for many newer #Arm platforms including for #AppleSilicon and newer #RaspberryPi boards, a new Intel Ethernet drive, support for Realtek 2.5GbE network adapters, #SMP performance improvements, automatic swap encryption, and an enormous amount of other hardware support improvements that accumulated over the past 4+ years 」
@retiolus@linuxquestions is the WG server in a container or running on the host system? Not sure if that's relevant, but it might be a starting point.
You'll also need to define a route from 10.10.10.0 to 192.168.2.0.
"Die Anzahl der Geräte, die wir in unserem Heimnetz nutzen, ist in den letzten Jahren deutlich gestiegen. Darunter sind auch Geräte, denen wir nicht gerne vollen Zugriff auf das Heimnetz und Internet überlassen wollen. Doch meist ist es kaum möglich, beispielsweise den Internetzugriff zuverlässig zu beschränken. In diesem Video zeigen wir die freie Routersoftware OpenWRT, die solche Funktionen bietet, allerdings auch ein Netzwerk-Grundwissen bei der Einrichtung voraussetzt."