Announcement

Collapse
No announcement yet.

WireGuard Is Now Available For pfSense

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #1

    WireGuard Is Now Available For pfSense

    Phoronix: WireGuard Is Now Available For pfSense

    The domination of the open-source WireGuard secure VPN tunnel not only on Linux systems but BSDs too... WireGuard is now available on pfSense, the FreeBSD-based firewall/router focused software platform...

    WireGuard Is Now Available For pfSense - Phoronix
    http://www.phoronix.com/scan.php?page=news_item&px=WireGuard-pfSense-Introduced
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
  • #2
    I don't use pfSense anymore, but I hope wireguard will hit OPNSense in the next iteration. Then I'll consider trying it!
    http://www.dirtcellar.net
    • Likes 2

    Comment

    • #3
      Wireguard works fine at OPNsense. There is a package available PFsense is very late with WG support

      Comment

      • #4
        Originally posted by waxhead View Post
        I don't use pfSense anymore, but I hope wireguard will hit OPNSense in the next iteration. Then I'll consider trying it!
        OPNSense has had wireguard support for at least since summer, maybe even before. It's PFSense that was lagging behind, because they didn't want to use half-baked wireguard solutions and instead decided to wait for proper FreeBSD mainline support.

        Comment

        • #5
          Originally posted by Leprechaunius View Post

          OPNSense has had wireguard support for at least since summer, maybe even before. It's PFSense that was lagging behind, because they didn't want to use half-baked wireguard solutions and instead decided to wait for proper FreeBSD mainline support.
          Yeah , but wireguard is not installed by default. You have to install a package for that to work. I tend to avoid plugins / packages that I am not sure will break after a update and where I am not sure it is maintained / security updated properly. I feel safer/better if it is part of the "default package" as that in theory should mean it is better suppored.
          http://www.dirtcellar.net

          Comment

          • #6
            Originally posted by waxhead View Post
            I don't use pfSense anymore, but I hope wireguard will hit OPNSense in the next iteration. Then I'll consider trying it!
            Wireguard is available in OPNSense as a addon package for quite a while. We're using it for site-to-site connections for some month and it has proved to be stable so far. It's a bit annoying to setup routes, because this has to be done directly in the connection setup instead of central routing setup, and it's lacking stuff like ldap authentication for road warriors. Except of that, no complaints.

            Edit: The forum didn't show me the last posts, so sorry for double answer

            Comment

            • #7
              As long as Wireguard only uses UDP, it will never dominate in corporate spaces. It will end up like KVM in shops that are VMWare dominant. Available but never used.

              Comment

              • #8
                Originally posted by edwaleni View Post
                As long as Wireguard only uses UDP, it will never dominate in corporate spaces. It will end up like KVM in shops that are VMWare dominant. Available but never used.
                You realize that UDP is the foundation for HTTP 3.0, since TCP is to slow. So, why will UDP not work for a vpn if it is ok for next gen HTTP?

                Comment

                • #9
                  Originally posted by AnAccount View Post

                  You realize that UDP is the foundation for HTTP 3.0, since TCP is to slow. So, why will UDP not work for a vpn if it is ok for next gen HTTP?
                  My guess? Corporate risk-averse mindset.

                  Corporations -- at least those who aren't themselves producing cutting edge network tech and selling it via a subscription model for a fortune with all sorts of whizz-bang marketing accompanying it -- want mature, stable best-practices to lean on to mitigate risk.

                  Give HTTP 3.0 and wireguard 5 years on the market and you'll see corporations adopt both with rarely a sneeze.

                  Comment

                  • #10
                    Originally posted by edwaleni View Post
                    As long as Wireguard only uses UDP, it will never dominate in corporate spaces. It will end up like KVM in shops that are VMWare dominant. Available but never used.
                    TCP is no real argument on VPN links. Even with things like OpenVPN you try to avoid using TCP whenever you can. TCP is slow, but TCP over TCP is slow as hell... TCP always tries to maximize bandwidth, but if you stack the bandwidth changing mechanisms of a tcp connection encapsulated in a tcp connection the algorithms go crazy.

                    Comment

                    Previous 1 2 template Next
                    Working...
                    X