Having followed a tutorial, I could make #WireGuard wg-quick work on my #OpenBSD, but not without DNS query leaks, so I learned I must figure out #unbound - however, a noob like me can only seem to manage to fix configuration errors while unbound itself apparently won't start because of this (which I found out after learning there's more than one way to debug unbound - not elegant, imho):

[1781449588] unbound[95585:0] error: bind: address already in use
[1781449588] unbound[95585:0] fatal error: could not open ports

I figured I should add my VPN interfaces to unbound.conf, but other than that I'm still clueless what else do I need to add or delete.

FreedomBox 26.9 is here! This release enables automatic generation of client keypairs for WireGuard VPN. The client config can be downloaded, or displayed as a QR code, for easier setup.

https://discuss.freedombox.org/t/freedombox-26-9-released/4267

#FreedomBox #FreedomBoxRelease #wireguard

Ich finde #WireGuard super. Tochter hat ihr Laptop mit zu den Grosseltern genommen. Ohne Probleme haben sie eine WLAN Verbindung aufgebaut. Geraet war direkt via WireGuard im VPN.

Passwort fuer die Lernsoftware aus dem Passwort-Manager kopiert und schon kann sie ihre Hausaufgaben machen.

Die Festplatte ist via luks verschluesselt.

Chatten koennen wir ueber einen #XMPP im LAN. Zugriff auf den #Luanti ueber NAT via nft.

Cooler als die iPads in der Grundschule ;-)

#Debian #Linux

https://forums.freebsd.org/threads/wireguard-connection-not-established-due-to-clock-out-of-sync.84824/

donc #wireguard ne doit pas être lancé tant que la synchro ntp n'a pas été faite.

Some red devil and yellow fish are now secretly talking to each through a #WireGuard tunnel on the Internet. Glad it is not that complicated to setup and works OOTB.

My notes are there: https://www.tumfatig.net/2026/connect-freebsd-to-openbsd-using-wireguard/

#FreeBSD #OpenBSD #RunBSD

Le plein de nouveautés sous le capot : C'est basé sur Debian 13 (Trixie) avec le tout dernier Noyau Linux 7.0, Ceph Tentacle 20.2, LXC 7 et OpenZFS 2.4 ! 🐧

Bref, de quoi s'amuser sur nos clusters ! L'ISO est déjà dispo pour les mises à jour 😉

La vidéo officielle juste ici : https://youtu.be/XBVAiwkVaqA

#Proxmox #PVE92 #SysAdmin #OpenSource #Linux #Debian #SelfHosting #Virtualization #WireGuard #DevOps

Thanks to #opensmtpd and #OpenBSD and #openbsdamsterdam my mail server setup just got better. Now I have a working smtp (dkim rspamd SPF dmarc ptr) relay and IMAP frontend that brings the connections with #wireguard to my main mail server. First tests indicate that I don't need external relays anymore. Setup was fun, documentation was perfect.

Seven years of running FreeBSD on ThinkPads alongside Linux — lessons I'd give my younger self

<https://www.reddit.com/r/freebsd/comments/1tedyva/seven_years_of_running_freebsd_on_thinkpads/> @Darknessraptor

＂I daily-drive Linux at work and FreeBSD on my personal ThinkPads (T480 & P52 currently). Both laptops and both operating systems, every day. I'm the kind of person who reads freebsd-update output and Phoronix benchmarks in the same hour.

＂Recently saw the "is FreeBSD really that goated" thread and it brought back the timeline of my own journey. Started with a rough —call it version 0.9 — build that barely had X11 working, evolved through five iterations, landed on something I'd call "production-stable personal desktop" around version 2.0 on FreeBSD 15.0 with a heavily customized MATE, ZFS boot environments, BastilleBSD jails for microservices, WireGuard tunnels and PF.

＂If I could send a packet back in time to my earlier self, here's what I'd put in the payload: …＂

Postscript: @Darknessraptor (quoted above) has joined Mastodon.

The image here is not his, it's for <https://www.reddit.com/r/freebsd/comments/1tedyva/comment/om1t5mg/> because we can all agree that em dashes make scintillating conversation.

#goated #X11 #Wales #FreeBSD #BSD #Linux #ZFS #OpenZFS #Beastie #daemon #MyLittlePony #unicorn #dolphin #rainbow #IBM #Lenovo #BastilleBSD #WireGuard #AI #purple

Alt...

My prompt to ChatGPT: Draw a unicorn that has been genetically combined with a dolphin. The creature is flying across a rainbow whilst a gentle rain falls on lush green Welsh meadows beneath the rainbow. The sky, in the background, is an unnaturally vivid shade of purple. Below the rainbow: a quaint cottage with a person stood at the front door. The person is the mascot for BSD (Beastie). On the lawn in front of the cottage: a badly broken old IBM ThinkPad. In the sky, to the left of the rainbow: instead of a golden sun, place the FreeBSD logo (a red orb with horns).

@PoliceStateUK Get your own VPS and Wireguard. Problem solved.

#wireguard #vps #digitalid #uk #ageverification

Hatte dann endlich mal die Zeit, meinen public server mit WireGuard zu versehen um anschließend ssh (mit agressivem fail2ban gesichert) von extern abzuschalten.

#linux #wireguard #vpn #fail2ban

Just printed a test page on my Mom's printer from 266 miles away. That was fun.

#Wireguard #NetworkAdmin #Linux #CUPS

#WireGuard for #Windows and #WireGuardNT 1.0 has been released!
https://lists.zx2c4.com/pipermail/wireguard/2026-April/009580.html

En complément :

#Microsoft a bloqué les comptes des développeurs de #VeraCrypt, #WireGuard et #Windscribe.
https://next.ink/232873/microsoft-a-bloque-les-comptes-des-developpeurs-de-veracrypt-wireguard-et-windscribe/
#chiffrement #windows #fuckmicrosoft

#VeraCrypt, #WireGuard maintainers locked out by #Microsoft, unable to deliver Windows updates

source: cybernews.com/security/microso…

“Microsoft terminated the #account I have used for years to sign #Windows #drivers and the #bootloader,” Mounir Idrassi posted on #Sourceforge, explaining their absence over the past few months.

#software #update #security #cybersecurity #foss #floss #freedom #economy #bigtech #arbitrary #sabotage #fail #problem #news

Si vous connaissez déjà, même superficiellement, le #VPN #WireGuard, vous n'apprendrez rien dans cet article, je n'ai rien fait d'original avec WireGuard (ah, quand même, de l'IPv6) mais, comme je l'ai récemment utilisé intensivement, voici mon expérience et ma configuration : https://www.bortzmeyer.org/wireguard.html

Any Wireguard gurus out there?

Is the following possible?

I have a network behind two firewalls with the outer firewall being on CGNAT.

I can create a WG tunnel via a VPS outside the CGNAT (random VPS on public Internet) to allow hosts on the network inside of the second firewall to expose TCP ports like an adhoc web server or whatever.

This seems to work fine. I can curl a page inside the firewalls by connecting to the public VPS on the configured port for the tunnel.

I've tried to get a Wireguard VPN connection to work over this tunnel.

That is, a client outside the CGNAT firewall tries to create a VPN connection on the inside the second firewall.

Trying to do this by creating a Wireguard VPN connection through an existing Wireguard tunnel.

Both firewalls are OPNSense, remote client can be anything but am trying a Win 11 VM currently.

I still need to spend more time working on it but I'm really not getting anywhere and was wondering...

Is this even possible?

Anyone done this?

Perhaps there is a different/better approach I should try?

👂 👂 All ears. 👂 👂

#Wireguard #Networking #VPN

On the plus side, I have _almost_ all machine to machine comms going over my static #IPv6 #wireguard mesh. The couple remaining things are related to my certificate and DNS setup which are things I hesitate to change at the end of a long day. One of them is going to require moving an authoritative DNS server elsewhere.

@homelab #selfhosted

Last night instead of going to bed I forgot about daylight saving time and added a statically defined #ipv6 #wireguard mesh between my #homelab servers.

Now I can use that instead of #tailscale for the secure data plane. Tailscale is great and I'll probably keep it for the management plane. The way it aggressively idles connections combined with the first packet seemingly always hitting a DERP server makes stuff feel a lot slower than it should.

#selfhosted @homelab

Je ne sais pas si ce genre de préoccupation est toujours pertinent aujourd’hui, comme je vois le mal partout, j’aurais tendance à supposer que oui, m’enfin bon, je me demande quand même ce que je dois faire pour mes enfants. Artillerie lourde comme avant avec OpenVPN, ou solution un poil plus frugale avec Wireguard utilisé uniquement pour le filtrage DNS parfaitement adaptée dans la mesure où ils ne se connectent à internet que via leur forfait mobile ou le wifi de la maison?

Si vous avez un avis sur la question, je suis preneur.

#OpenVPN #Wireguard #Pi-hole

Alors bon, en vrai, la doc de Pi-hole donne des instructions pour faire passer tout le trafic internet du client par le tunnel Wireguard, il suffit de pas grand-chose, mais c’est vrai que ce n’est pas le comportement par défaut, tel que ça l’était pour OpenVPN. On pourrait se poser la question de la quantité de données, mais bon, à la maison on a la fibre, du coup, c’est pas trop un problème. Et le Raspberry Pi 1 qui fait office de serveur Pi-hole/OpenVPN n’a jamais moufté jusqu’ici, et les garçons ne se sont jamais plaints de problèmes de connexion. Cela dit, je me pose des questions.

#OpenVPN #Wireguard #Pi-hole

Pangolin 1.16 tunneled reverse proxy adds SSH auth daemon, server-side pagination, and improved private resource visibility.
https://linuxiac.com/pangolin-1-16-tunneled-reverse-proxy-adds-ssh-auth-daemon/

#opensource #reverseproxy #vpn #wireguard

Alt...

Pangolin 1.16 tunneled reverse proxy adds SSH auth daemon, server-side pagination, and improved private resource visibility.