Feature Request: Wireguard



  • Avatar
    Jeremy Markle

    I failed to understand how you used the VPN function. the VPN function is to have the Firewalla app establish a vpn tunnel to your Firewalla device. Clever feature. I thought it was for anonymity VPN service such as that provided https://www.azirevpn.com/wireguard. I still think it could be an advanced option but the boxes need to bring up the CPU a lot more if you want to run VPN throughput equivalent to your Bro throughput.

  • Avatar

    I was looking at the features and anti-features of Algo VPN (a cloud VPN) and noticed that they call OpenVPN a "risky server."

    They use WireGuard.

    Edit: Upon further investigation, WireGuard states the code is not complete yet and "has not undergone proper degrees of security auditing and the protocol is still subject to change."

    It does look promising though.

  • Avatar

    @Wacey thanks for looking into this.  The reason we picked openvpn is purely due to maturity and popularity.  Will look at wireguard for sure in the future.  It is on our long term to do list already.   Thanks to @Jeremy and you. 

  • Avatar
    Jeremy Markle

    @Wacey Wireguard still needs maturity and thorough security auditing but for basic obfuscation similar to Algo's and Streissand's business modesl, it is more then acceptable. For its performance it is very choice for this device and usage model. IPSec/L2tp would be an acceptable protocol suite for mobile devices since they typically have hardware accelerated crypto but IPSec is a nightmare and not as fast.

Please sign in to leave a comment.

Powered by Zendesk