"Althea" == Althea Shaheen via WLUG <wlug@lists.wlug.org> writes:
I run it on my pfSense firewall, but pivpn is also a great option if you'd rather port forward to a different device.
Do you have it so that if you have multiple internal devices behind your firewall, your external client can reach all those devices? I'ev been playing, but I'm sure I'm mssing something. For example: Internal network: 192.168.1.0/24 host A 192.168.1.10/32 host B 192.168.1.20/32 Firewall: 192.168.1.254 WG: 192.168.200.0/24 Client: 200.150.100.50 (made up) Ideally I'd like my client to be able to access host A or B from the road using the WG tunnel. Would I need to assign WG addresses to these hosts? Or would I just rounte 192.168.1.0/24 via wg0 on the client? That's the trouble I'm having. I also want to setup a Wireguard tunnel between home and my VPS in the cloud to make backups easier and simple. I could just do an SSH tunnel, but I'd prefer not since it's a pain for this one application to setup. So my VPS has both it's public IP, and then I have a WireGuard IP and route setup so that I can reach into the home network. And possibly also allow connections to the VPS from other clients as well. Very mesh like. John
On Wed, Dec 13, 2023, at 16:30, John Stoffel wrote:
> "Althea" == Althea Shaheen via WLUG <wlug@lists.wlug.org> writes:
I've been busy, so I'm coming back to this late...
I use a wireguard VPN on my phone anytime I leave my house, mainly for ad blocking. I run pi-hole at home to block ads network wide, and when I leave wifi, my phone automatically joins the VPN at home and uses the same pi-hole servers for DNS. Internet traffic is still directly through my carrier (so split tunnel) but my DNS is hidden from them and ad free!
Do you run wireguard on your firewall or do you pass it inside into a base host?
-thea
On Sat, Dec 9, 2023, at 03:54, Jon "maddog" Hall via WLUG wrote:
However, they still rely on the trust in the ownership/VPN service country's laws and policies. A VPN service is effectively a 'man in the middle'. This is why everyone should train their mother to offer a secure ISP/VPN service. "Mom's VPN: Do you trust your Mom?" md
On Fri, Dec 8, 2023 at 11:44 AM Kevin Stratton via WLUG <wlug@lists.wlug.org> wrote:
VPN services are a good tool for privacy. However, they they still rely on the trust in the ownership/VPN service country's laws and policies. A VPN service is effectively a 'man in the middle'.
On 12/8/2023 3:13 AM, Robert Schwein via WLUG wrote:
You've pretty much hit the high points Chuck. From my own experience when going overseas if I'm able to VPN to the country I'm going to, the rental car reservation is considerably less in cost to reserve that car than if I reserved it from state side. I'm assuming there is a difference between a poor native and a rich American.
Bob
On 12/8/2023 12:56 AM, Chuck Anderson via WLUG wrote:
On Thu, Dec 07, 2023 at 09:08:00PM -0500, Doug Mildram via WLUG wrote: So, maybe or maybe not, that's the kind of VPN I suspect they're selling, but I don't see the value for normal folks....or maybe anyone. (educate me!) Unless their hosted-server-world-route network security is a win. Thanks for listening, and my thursday's look better than usual this month, so hoping for WLUG virtually dec 14. -doug Yes. Those "modern" VPNs are used for many reasons. Here are a couple:
- To appear to servers/services that you are physically located in a different geographical area. This can help you bypass geographically restricted content, such as watching sports programs that content owners don't want you to see based on where you live (local sports broadcast blackouts). Or trick hotels into giving you a better price--yes, hotels can hike the rates they present to you if they think you are nearby--assuming you need last-minute accomodations while you are away on vacation.
- To hide your real IP address from servers and/or hide your browsing from intermediaries (your ISP for example) for privacy. This could be so you can avoid being tracked and having your browsing habits sold to advertisers (something your ISP can easily do--SSL does not hide DNS queries although that is changing with the availability of DNS-over-HTTPS and similar), to hide from authorities/copyright enforcers, or for life-and-death reasons (hide from unfriendly governments.) _______________________________________________ WLUG mailing list --wlug@lists.wlug.org To unsubscribe send an email towlug-leave@lists.wlug.org Create Account:https://wlug.mailman3.com/accounts/signup/ Change Settings:https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/ Web Forum/Archive:
https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/ZC4W3C...
_______________________________________________ WLUG mailing list -- wlug@lists.wlug.org To unsubscribe send an email to wlug-leave@lists.wlug.org Create Account: https://wlug.mailman3.com/accounts/signup/ Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/ Web Forum/Archive:
https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/TI4DEB... _______________________________________________ WLUG mailing list -- wlug@lists.wlug.org To unsubscribe send an email to wlug-leave@lists.wlug.org Create Account: https://wlug.mailman3.com/accounts/signup/ Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/ Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/2OD7QH...
_______________________________________________ WLUG mailing list -- wlug@lists.wlug.org To unsubscribe send an email to wlug-leave@lists.wlug.org Create Account: https://wlug.mailman3.com/accounts/signup/ Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/ Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/E6KICZ...
_______________________________________________ WLUG mailing list -- wlug@lists.wlug.org To unsubscribe send an email to wlug-leave@lists.wlug.org Create Account: https://wlug.mailman3.com/accounts/signup/ Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/ Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/532CN4...
WLUG mailing list -- wlug@lists.wlug.org To unsubscribe send an email to wlug-leave@lists.wlug.org Create Account: https://wlug.mailman3.com/accounts/signup/ Change Settings: https://wlug.mailman3.com/postorius/lists/wlug.lists.wlug.org/ Web Forum/Archive: https://wlug.mailman3.com/hyperkitty/list/wlug@lists.wlug.org/message/NK7RYA...