Feature Request: Wireguard

Comments

4 comments

  • Avatar
    Jeremy Markle

    I failed to understand how you used the VPN function. the VPN function is to have the Firewalla app establish a vpn tunnel to your Firewalla device. Clever feature. I thought it was for anonymity VPN service such as that provided https://www.azirevpn.com/wireguard. I still think it could be an advanced option but the boxes need to bring up the CPU a lot more if you want to run VPN throughput equivalent to your Bro throughput.

    0
    Comment actions Permalink
  • Avatar
    Wacey

    I was looking at the features and anti-features of Algo VPN (a cloud VPN) and noticed that they call OpenVPN a "risky server."

    They use WireGuard.

    Edit: Upon further investigation, WireGuard states the code is not complete yet and "has not undergone proper degrees of security auditing and the protocol is still subject to change."

    It does look promising though.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    @Wacey thanks for looking into this.  The reason we picked openvpn is purely due to maturity and popularity.  Will look at wireguard for sure in the future.  It is on our long term to do list already.   Thanks to @Jeremy and you. 

    0
    Comment actions Permalink
  • Avatar
    Jeremy Markle

    @Wacey Wireguard still needs maturity and thorough security auditing but for basic obfuscation similar to Algo's and Streissand's business modesl, it is more then acceptable. For its performance it is very choice for this device and usage model. IPSec/L2tp would be an acceptable protocol suite for mobile devices since they typically have hardware accelerated crypto but IPSec is a nightmare and not as fast.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Powered by Zendesk