Hi,

I am planning to add wireguard.io interface (wg0) to the running
three-interface shorewall (I do not use too complex vyatta-firewall with
(net,loc and dmz) as explained at
https://github.com/Lochnair/vyatta-wireguard and
https://www.digitalocean.com/community/tutorials/how-to-create-a-point-to-point-vpn-with-wireguard-on-ubuntu-16-04
.

I would like to create the router as a private VPN gateway to the upstream
public VPN that supports fireguard, too. The purpose of the setup is to
allow roaming as well as machines in loc zone to connect to this shorewall
instance as a gateway to reach the internet.

Adding a masq wg0 interface with shorewall rules and policy similar to loc
may work, but inputs appreciated for the wireguard clients from outside?


Cheers,
/z

-.. .. ... -.-. .-.. .- .. -- . .-. | -.. .. ... -.-. .-.. .- .. -- . .-.
CONFIDENTIALITY NOTICE AND DISCLAIMER: Access to this e-mail and its
contents by anyone other than the intended recipient is unauthorized as it
contains privileged and confidential information, and is subject to legal
privilege. Please do not re/distribute it.  If you are not the intended
recipient (or responsible for delivery of the message to such person), you
may not use, copy, distribute or deliver the email and part of its contents
to anyone this message (or any part of its contents or take any action in
connection to it. In such case, you should destroy this message, and notify
the sender immediately. If you have received this email in error, please
notify the sender or your sysadmin immediately by e-mail or telephone, and
delete the e-mail from any computer. If you or your employer does not
consent to internet e-mail messages of this kind, please notify the sender
immediately. All reasonable precautions have been taken to ensure no
viruses are present in this e-mail and attachments included. As the sender
cannot accept responsibility for any loss or damage arising from the use of
this e-mail or attachments it is recommended that you are responsible to
follow your virus checking procedures prior to use. The views, opinions,
conclusions and other informations expressed in this electronic mail are
not given or endorsed by any company including the network providers unless
otherwise indicated by an authorized representative independent of this
message.
-.. .. ... -.-. .-.. .- .. -- . .-. | -.. .. ... -.-. .-.. .- .. -- . .-.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to