Wireguard Status
-
I have a netgate 7100 1u running the most recently released 23.01 rel3ase. I wanted to try out wireguard in a production environment but the documentation says wireguard is still classically a beta. What is the status of wireguard...does netgate consider it production ready?
-
There are many people using it in production but it is still relatively new. I'm not aware of any particular issues with it currently.
-
@hescominsoon I had been using 5 Openvpn connections using ProtonVPN setup as a gateway group. I thought it was fast in the 300’s on my 500 mbps connection. I added wireguard as as tier 1 and changed the Openvpn as backup tiers 2 and 3. My Speedtest have been mostly over 500 mbps since adding the wireguard.
-
@stephenw10 Hello, what is the situation coming from Netgate? will it stay in a package or will it be integrated into pfsense as it was the case at the beginning. I too am strongly thinking of moving my site2site openvpn to wireguarde but the warning message on the documentation is dampening my enthusiasm.
-
The current Wireguard package is no longer marked experimental:
https://github.com/pfsense/FreeBSD-ports/commit/1347e1435c7cc5629cbdb62c0ae7a4a34b7d6311 -
@stephenw10 Hi Stephen, in documentation now.
WireGuard is available as an experimental add-on package on pfSense Plus 21.05, pfSense CE 2.5.2, and later versions. The settings for the WireGuard add-on package are not compatible with the older base system configuration. -
Well the documentation might be lagging a little but the actual package was changed already.
-
@stephenw10
you are right, I just looked in the list of packages and it is no longer experimental.
This is the best news of the day :-)
thank you.
Have a good day. -
@stephenw10 And a big thankyou to Christian McDonald for getting the ball rolling on re-integrating Wireguard after an early false start.
Ted Quade
-
@stephenw10 & @cmcdonald - Yes, a very big thank you for the dedicated work on the wireguard package.
I too am contemplating moving my VPN needs to Wireguard, but I’m missing some “guiding numbers” on expected wireguard performance from the different Netgate appliances.
it would be nice to have iPerf and IMIX numbers from Netgate just like we have on IPsec.
PS: Do you expect Wireguard to be integrated, or will it continue being a add-on package?
