• Hey guys,

    Now that WireGuard is officially 1.0.0 and the Linux kernel will include it by default, would it be time to start including it the following pfsense releases too even as a plugin option?

    The security audits have been completed and I would like to see a faster vpn option for all of us.

  • Rebel Alliance Developer Netgate

    That means nothing for Wireguard on FreeBSD. pfSense is not based on Linux.

    As we've mentioned elsewhere, we're working on getting it into FreeBSD properly (i.e. in the kernel) but it's a long-term project.


  • As far as I know, Wireguard also supports FreeBSD platform. Assuming that pfsense can run Go code, it seems like it could be possible that Wireguard could be included as a package.

  • Rebel Alliance Developer Netgate

    We are aware, but that is unstable and runs in user space and cannot be anywhere near as fast as if it were in the kernel like it is on Linux.

    It's not worth including until it's done properly.


  • It looks like Wireguard is making the move into FreeBSD kernel:

    https://reviews.freebsd.org/D26137

    I'm not familiar with this development process, so is there any guesstimate on how long would it take to be merged, and later adopted into pfSense?


  • @jimp Yes would love this feature as wel. Tested it and works really fast en easy to setup. Timeline even for beta release would be great.
    OpenVpn has so much overhead, and just does not meet the speed requirements with low(er) end hardware.