mastodon.ie is one of the many independent Mastodon servers you can use to participate in the fediverse.
Irish Mastodon - run from Ireland, we welcome all who respect the community rules and members.


#wireguard

6 posts, 6 participants, 0 posts today

I'm interested in setting up #WireGuard on my #Debian colo, as a #VPN solution for my phone when I'm on untrusted networks. But the quick start guide being a video is really putting me off, and the examples seem to be purely about ad-hoc peer-to-peer networking rather than a gateway.

I'm tempted to go back to my comfort zone with #OpenVPN, but I'll stick with it. At some point it'll click and I'll write a HOWTO.

Continued thread

right right right, when not using the host IP, the source IP comes from the cluster, despite cilium egress gateway being enabled

so I had to add the pod network range to AllowedIPs on the cloud side, and that is indeed different on the new cluster.

this of course is not ideal, because if I wanted to join multiple, I could, but I'd have to modify the talos wireguard config with the node's podCIDR, which is known only after joining the cluster... bleh

There should be some masquerading going on with the egress gateway, right?

Anyhow this is exactly the issue I was facing a while ago when I lost momentum on the blog the last time so it has gone full circle

#Homelab #Kubernetes #Wireguard #Networking

Replied in thread

@bradley I'm NOT exposing my #pihole (s) directly to the internet - I use one at home and another one via #wireguard #vpn wherever I may roam 🙂 Exposed ports for GUI and "healthchecks" are on a "random" highport which keeps logs mostly clear of "noise". Sometimes some scanners like #censys (or #shodan ) might also find these ports, but #iptables is very helpful 😉
Feel free to ask me via PM if something is not clear. I like feedback to make my docs better.

Replied in thread

@StaceyCornelius In the past I did configure separate systems for clients so they can travel without fuss, regardless of whether it's "P.R." #China or #Russia or the #USA or #KSA...

  • The trick is to never have anything on your device and have a dedicated burner!

Using @tails_live / @tails / #Tails and @torproject / #TorBrowser and when that's not an option, a #SSH-Tunnel / #OpenVPN or #WireGuard-#VPN to be able to #VNC into a machine.

  • Remember: They can only extract data that was saved on a machine!

CONSIDER THE #US ENEMY TERRITORY AS IN "If you wouldn't enter #NorthKorea, then why would you enter the USA?"

Ok #wireguard and #homelab heads. I'm having a hard time figuring this out. I have a service that I'm hosting that I'm currently routing all of its outbound traffic through a VPN provider and WireGuard. However, when I do that I lose all connectivity to the service because... all traffic is moving through WireGuard. I have tried AllowedIPs= and that didn't seem to work. I tried a bunch of PreUp and PostUp stuff and that didn't seem to work.

Replied in thread

@ceresbzns You'd probably hate it, as it involves using short-lived nfs mounts through #wireguard tunnels. The hosts in the LAN copy the certs they need in this way. Systemd timers automate this "pulling". I only had to write 10 lines of bash code, in the way of actual programming.

I wanted to set up VPN with ad-blocking for laptop and mobile, for when away from home, so I installed FreeBSD 14.2 on a Raspberry Pi 4, because why not?

Followed:

1) zenarmor.com/docs/network-secu

2) it-notes.dragas.net/2023/09/23

(only using IPv4)

Seems to work as intended, but I'm not sure if ~500 ms ping times are normal for 5G mobile connection through VPN.

Replied in thread

@floe

Through a #wireguard tunnel ssh works in both directions.

With wireguard use PersistentKeepalive on the "forgetting" side of NAT. Usually a home modem does NAT, so the computer that is not at home needs PersistentKeepalive, and the home modem ideally has a fixed IP address or a DNS host name.

Wow, #ChatGPT actually helped me debug a networking issue I had. My #Wireguard tunnel did not work as expected, most traffic was tunnelled just fine, but some websites I tried to access through it did not want to load and just timed out, even though curl showed me that DNS worked and that it could connect.
The culprit: MTU. Setting it slightly lower to 1410 seemed to fix it for me. Probably due to PPPoE.
#homelab #itsnotalwaysDNS
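An added Python checker, not from any of the posts above, that ties together three of the problems in this thread: a destination missing from AllowedIPs (the cluster pod-CIDR post), a peer behind NAT without PersistentKeepalive, and an interface MTU that does not fit the outer link (the 1410 fix). The overhead constants are WireGuard's IPv4/IPv6 encapsulation sizes; the sample config, the 1420 fallback when MTU is unset, and the outer-link numbers are assumptions for illustration.

```python
import ipaddress

# Overhead per packet: outer IP (20 v4 / 40 v6) + UDP (8) + WireGuard data header (32).
WG_OVERHEAD = {4: 60, 6: 80}

def max_tunnel_mtu(outer_mtu, outer_ip_version=4):
    """Largest interface MTU whose packets still fit the outer link without fragmentation."""
    return outer_mtu - WG_OVERHEAD[outer_ip_version]

def parse_wg_config(text):
    """Split a wg-quick file into {'Interface': {...}, 'Peers': [...]}; configparser can't hold several [Peer] sections."""
    cfg, section = {"Interface": {}, "Peers": []}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if line == "[Interface]":
            section = cfg["Interface"]
        elif line == "[Peer]":
            section = {}
            cfg["Peers"].append(section)
        elif "=" in line and section is not None:
            key, value = (p.strip() for p in line.split("=", 1))
            section[key] = value
    return cfg

def check_config(text, outer_mtu=1500, outer_ip_version=4, behind_nat=True, must_reach=()):
    """Findings for: MTU too large, no keepalive behind NAT, destination outside AllowedIPs."""
    cfg, findings = parse_wg_config(text), []
    limit = max_tunnel_mtu(outer_mtu, outer_ip_version)
    mtu = int(cfg["Interface"].get("MTU", 1420))  # 1420 assumed when MTU is unset
    if mtu > limit:
        findings.append(f"MTU {mtu} exceeds {limit} for outer MTU {outer_mtu}")
    allowed = []
    for i, peer in enumerate(cfg["Peers"]):
        if behind_nat and "PersistentKeepalive" not in peer:
            findings.append(f"peer {i}: no PersistentKeepalive, NAT mapping will expire")
        allowed += [ipaddress.ip_network(n.strip(), strict=False)
                    for n in peer.get("AllowedIPs", "").split(",") if n.strip()]
    for dest in must_reach:
        if not any(ipaddress.ip_address(dest) in net for net in allowed):
            findings.append(f"{dest} not in any AllowedIPs, so it bypasses the tunnel")
    return findings

# Constructed sample client config (placeholder keys), not taken from any post.
SAMPLE = """\
[Interface]
PrivateKey = PLACEHOLDER_PRIVATE_KEY
MTU = 1420
[Peer]
PublicKey = PLACEHOLDER_PUBLIC_KEY
Endpoint = vpn.example.net:51820
AllowedIPs = 10.8.0.0/24, 10.0.0.0/16
"""
```

Run `check_config(SAMPLE, outer_mtu=1492, outer_ip_version=6, must_reach=("10.244.1.7",))` to see all three findings at once; with a 1500-byte IPv4 outer link the 1420 MTU passes.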