@lina we had a 1476-byte MTU on the PPPoE interface. I would have expected a 1396-byte MTU on the #WireGuard tunnel interface, but pings with various sizes showed it had to be 1392 instead. Does that make sense, would the padding explain that?
@lina oh, wait, that could finally explain why I had to set a different #MTU than what I had calculated/expected for #WireGuard tunnel for #dn42 behind a PPPoE host...
I just successfully set up a #VPN with #WireGuard between two devices (a mobile PC running #LinuxMint and an #iPhone) and the home network via a #FritzBox. The whole thing took less than 15 minutes.
Network traffic runs over #IPv4 and #IPv6.
This feels a bit too good to be true right now.
Primary Wireguard Topologies:
1. Point to Point
2. Hub and Spoke
3. Point to Site
4. Site to Site
https://www.procustodibus.com/blog/2020/10/wireguard-topologies/
Filed under: Infragram
https://www.are.na/block/36249906
Tribute to the TUNNEL training by @JulianOliver recently attended by an Institute delegation
Would you be interested in an alternative #IPv6 Tunnelbroker service? Hosted and located in Germany, offering free IPv6 subnets (not sure about sizes, sth. between /64 - /48) that can be used by #SIT, #GRE, #OpenVPN or #Wireguard tunnels. Currently, this is already available but only for @BoxyBSD users.
Interested in an easy to use one-click for users #Wireguard setup?
We are maintaining an #IPv6 enabled and up-to-date version of #wg-access-server.
Want new features or contribute?
Go here:
https://github.com/freifunkMUC/wg-access-server
Our own VPN servers are also running this server.
I forget who the Arch Linux expert out there is, but I can't get wireguard to resolve DNS at all. And my laptop has the exact same setup, and it works fine. I have tried everything I can think of or look up. If anybody out there can help me shed some light on this, I'm using a ProtonVPN config. Thanks! And a boost would be welcome if you're amenable... ;>)
Lastly, I have #immich in a #proxmox VM as a readonly viewer of the samba share so I can see photos on my phone and other devices. My devices connect to #wireguard when out of the house so they can still access the server to sync!
Hope that is helpful to someone, and let me know what I'm doing wrong and can improve!
4/4
If you have used and loved #Tailscale, and you still like the product but want a sensible insurance option to reduce your exposure to potential #enshittification, what *hosted* options have you looked at as alternatives?
Part of the appeal of #Tailscale for me at least was that they provided a really thoughtful UX layer over some existing cool OSS tech like #wireguard.
Also, many of us have tried self-hosting and want to minimise what they self host if at all possible.
https://mastodon.social/@JonathanGerlach/114302498688902923
Huh, thanks @mullvadnet!
Created an account and added funds in less than 5 minutes and had #Ipv6 connectivity.
I think a #systemd update broke something with my #wireguard tunnels or routing/port forwarding on the proxy server?
Not in the mood to debug, rebooting fixed the problem.
@zak I'm running #tailscale with exit nodes on my home network, so when I enable it on my phone, I get both ad-blocking DNS (pihole at home) and access to home resources at the same time. Based on #wireguard.
@Edent I use #freedombox which includes #nextcloud. I wonder if this means I can't run #wireguard?
FFS! A server can't run both #Docker *and* #Wireguard on #Linux.
Docker creates a "bridge" network interface which, apparently, interferes with WireGuard.
That was a depressing evening of eliminating the impossible. Completely stopping Docker allowed my VPN to connect.
And there's no way to actually run a Docker container without the network bridge (any documentation that says otherwise is lying).
First look Midori Browser with browsing VPN.
Midori Browser with VPN.... coming soon.
Behind all this there is @opensuse being the best distro :-)
Here is a homebrew tap to install the proxyguard-client for #Wireguard on #MacOS.
It also provides a little wrapper to set up the correct routes etc.
https://github.com/freifunkMUC/homebrew-proxyguard-client
This way you can easily use Wireguard over HTTP/HTTPS.
Through a #wireguard tunnel ssh works in both directions.
With wireguard use PersistentKeepAlive on the "forgetting" side of NAT. Usually a home modem does NAT, so the computer that is not at home needs PersistentKeepAlive, and the home modem ideally has a fixed IP address or a DNS host name.
Got some JetKVMs. Had some fun, got WireGuard running: https://simonmicro.de/blog/hacking/wireguard-vpn-on-a-jetkvm/
#SysadminLife pondering…
Given
- Remote #Debian/#Ubuntu server
- can't be accessed from internet
- behind (CG-)NATv4, no IPv6
- can reach any outside tcp/udp port
- A network under my full control
- Firewall can do: #IPSec, #Wireguard, #OpenVPN, #Tailscale/#Headscale Client
- I can self host any opensource service/container, and expose it
Challenge
- Make services on that server accessible TO my network
- server MUST NOT reach ONTO my network
- No 3rd party service dependence
Revolutionizing Home Networking: Semi-Automatic iPhone Internet Failover with NixOS
In an era where reliable internet is paramount for remote work, a tech-savvy developer has crafted an innovative solution using NixOS for seamless WAN failover. By leveraging an iPhone as a backup con...
Hey #homelab users!
You probably already know me by my free @BoxyBSD project and I often got asked about IPv4 addresses. Currently, I tinker with a new but also honestly not free service. The idea is creating a static IP service for homelab users. I'm aware that there're already some around, so what could be some benefits here?
- Static single #IPv4 & #IPv6 /48 (so you can subnet your homelab to several /64 without breaking #slacc)
- Bigger subnets (IPv4: /29, /28, /27 | IPv6: /32)
- Full RIPE personalization (inc. abuse & Co)
- #OpenVPN, #Wireguard, #GRE Support
- Auto configure (e.g., you load the wireguard config on any client and the addresses are immediately bound to that interface)
- Split usage / multiple tunnels: Use different IPs from your subnets at different locations
- Integration into #BoxyBSD
- Location in Germany or Netherlands (selectable)
- Hosted on redundant #FreeBSD nodes
Pricing:
- The starter package probably around 10€/month (not more) + 15€ setup including 2T traffic
- Pricing for additional/larger subnets not yet sure, probably higher setup fees to avoid hoppers and spammers to keep the addresses clean
- Optional traffic packages (when exceeding speed limit of 10Mbit which should still be ok for most homelabs)
Would this be interesting? I'm aware that many already do this by VPS themselves, so this might just be a bit easier and optionally offering whole networks including RIPE personalizations.