VPN

1

WireGuard

13 minute

WireGuard’s configuration is usually much shorter than IPsec or OpenVPN, and it comes up quickly. The part that is easy to misread is not the small command set, but the fact that it compresses the tunnel, the security session, the routing constraint, and the peer identity into a very tight model. wg0 being up does not mean the service traffic can reach its destination, and a handshake that looks successful does not mean your routes and the peer’s allowed prefixes actually line up.

Read More