social.dk-libre.fr is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
Spent some time messing around with Headscale (self-hosted implementation of the Tailscale control server).
I couldn't get "raw" WireGuard to work the way I wanted through nested firewalls and CGNAT so this seems like a good way to blow all that complexity out of the water. Less complexity is usually more reliable.
Headscale is pretty neat. Painless install on Debian.
Configuring Linux and Windows nodes is simple too - at least from a basic connectivity point of view.
I need to figure out how I'm going to deal with multi-homed DNS scenarios for clients. Something with very little thought and work through yet. Ha.
Now the hard part, picking apart the security and edge cases to use it regularly.
#Headscale #Tailscale #VPN #CGNAT #WireGuard #HomeLab #SelfHosted #SelfHosting #VPS
#WireGuard for #Windows and #WireGuardNT 1.0 has been released!
https://lists.zx2c4.com/pipermail/wireguard/2026-April/009580.html
Microsoft required ID checks for Windows partners, suspending accounts and blocking updates for VeraCrypt, WireGuard, and Windscribe. 🔒
Slow appeals and no access exposed centralized control over security tools, though Microsoft says accounts are being restored. ⚠️
🔗 https://itsfoss.com/news/microsoft-locks-out-open-source-developers/
#TechNews #Microsoft #Windows #VeraCrypt #WireGuard #Windscribe #OpenSource #FOSS #Privacy #Security #Cybersecurity #DigitalRights #Transparency #Tech #Software
In addition:
#Microsoft has blocked the accounts of the developers of #VeraCrypt, #WireGuard and #Windscribe.
https://next.ink/232873/microsoft-a-bloque-les-comptes-des-developpeurs-de-veracrypt-wireguard-et-windscribe/
#chiffrement #windows #fuckmicrosoft
#VeraCrypt, #WireGuard maintainers locked out by #Microsoft, unable to deliver Windows updates
source: cybernews.com/security/microso…
“Microsoft terminated the #account I have used for years to sign #Windows #drivers and the #bootloader,” Mounir Idrassi posted on #Sourceforge, explaining their absence over the past few months.
#software #update #security #cybersecurity #foss #floss #freedom #economy #bigtech #arbitrary #sabotage #fail #problem #news
Location: Matrix
VeraCrypt and WireGuard maintainers cannot release Windows updates after Microsoft suspended their accounts, leaving users potentially exposed 🌐
Both projects remain updatable on Linux/macOS, but Windows users must wait as maintainers seek resolution without appeal options 🔐
🔗 https://cybernews.com/security/microsoft-suspends-veracrypt-wireguard-accounts-maintainers/
#TechNews #VeraCrypt #WireGuard #Microsoft #Windows #OpenSource #FOSS #Security #Encryption #Privacy #Software #Updates #Cybersecurity #Freedom #DigitalRights #Transparency
If you already know the #VPN #WireGuard, even superficially, you will learn nothing from this article; I did nothing original with WireGuard (well, there is IPv6 after all) but, since I recently used it intensively, here are my experience and my configuration: https://www.bortzmeyer.org/wireguard.html
Any Wireguard gurus out there?
Is the following possible?
I have a network behind two firewalls with the outer firewall being on CGNAT.
I can create a WG tunnel via a VPS outside the CGNAT (random VPS on public Internet) to allow hosts on the network inside of the second firewall to expose TCP ports like an ad hoc web server or whatever.
This seems to work fine. I can curl a page inside the firewalls by connecting to the public VPS on the configured port for the tunnel.
I've tried to get a Wireguard VPN connection to work over this tunnel.
That is, a client outside the CGNAT firewall tries to create a VPN connection on the inside of the second firewall.
Trying to do this by creating a Wireguard VPN connection through an existing Wireguard tunnel.
Both firewalls are OPNsense, remote client can be anything but am trying a Win 11 VM currently.
I still need to spend more time working on it but I'm really not getting anywhere and was wondering...
Is this even possible?
Anyone done this?
Perhaps there is a different/better approach I should try?
👂 👂 All ears. 👂 👂
On the plus side, I have _almost_ all machine to machine comms going over my static #IPv6 #wireguard mesh. The couple remaining things are related to my certificate and DNS setup which are things I hesitate to change at the end of a long day. One of them is going to require moving an authoritative DNS server elsewhere.
Last night instead of going to bed I forgot about daylight saving time and added a statically defined #ipv6 #wireguard mesh between my #homelab servers.
Now I can use that instead of #tailscale for the secure data plane. Tailscale is great and I'll probably keep it for the management plane. The way it aggressively idles connections combined with the first packet seemingly always hitting a DERP server makes stuff feel a lot slower than it should.
I don't know whether this kind of concern is still relevant today; since I see evil everywhere, I'd tend to assume it is, but still, I do wonder what I should do for my children. Heavy artillery as before with OpenVPN, or a slightly more frugal solution with Wireguard used only for DNS filtering, perfectly suitable given that they only connect to the internet through their mobile plan or the home wifi?
If you have an opinion on the matter, I'm all ears.
Well, actually, the Pi-hole docs give instructions for routing all of the client's internet traffic through the Wireguard tunnel; it doesn't take much, but it's true that it isn't the default behaviour, as it was for OpenVPN. One could wonder about the amount of data, but hey, we have fibre at home, so that's not much of a problem. And the Raspberry Pi 1 that serves as the Pi-hole/OpenVPN server has never flinched so far, and the boys have never complained about connection problems. That said, I do have questions.
Pangolin 1.16 tunneled reverse proxy adds SSH auth daemon, server-side pagination, and improved private resource visibility.
https://linuxiac.com/pangolin-1-16-tunneled-reverse-proxy-adds-ssh-auth-daemon/
I now have a small script in use that checks the IP address every minute and automatically repairs the connection 👍