
#openvpn


Revolutionizing VPN Architectures: A Deep Dive into Multi-Tenant Systems with WireGuard and OpenVPN

Explore the intricacies of building a multi-tenant VPN system that ensures complete isolation using cutting-edge technologies like WireGuard and OpenVPN. This article delves into the technical steps a...

news.lavx.hu/article/revolutio

This is one of the best #VPN roundups I've seen recently and covers a lot of different uses.

I was surprised the writer thought the #mullvad payment system was unique. If memory serves #ivpn offers something similar.

The really unique thing about Mullvad is how well its #openvpn config files work in my opinion.

This means you don't need to trust any extra software, which I imagine is crucial in repressive regimes.

And I'm not sure #hotspot shield is a good choice based on its ownership history either.

That said, this is generally good advice.

pcworld.com/article/406870/bes

PCWorld · I'm a VPN expert and these are my top picks · Which VPN should you use? From speed, to price, to privacy, to security features, this buyer's guide will help you find the best service for your needs.

Does anyone know how this new SSL cert expiry date thing is going to affect things like user authentication with SSL certs, i.e. for openvpn?

If we're running our own CA, can I get safari, chrome et al to accept longer cert expiry?

#Linux #SSL #OpenVPN

I'm interested in setting up #WireGuard on my #Debian colo, as a #VPN solution for my phone when I'm on untrusted networks. But the quick start guide being a video is really putting me off, and the examples seem to be purely about ad-hoc peer-to-peer networking rather than a gateway.

I'm tempted to go back to my comfort zone with #OpenVPN, but I'll stick with it. At some point it'll click and I'll write a HOWTO.

#HELP

I just received a concerning email from the OTF (@opentechfund.bsky.social) stating that a major source of their funding is in jeopardy.

If you care about open-source, anti-censorship, or the open internet, please consider supporting one of the projects they fund.

#FOSS #OpenSource #TechNews
#USPol #Politics #News #PoliticalNews
#NetNeutrality #EFF
#Wikimedia #Signal #SignalApp
#TOR #TAILs #OpenVPN #VPN #LetsEncrypt #HTTPS #SSL
#Censorship #AntiCensorship

opentech.fund/projects-we-supp

And God said: "Smile, it could get worse."
And he smiled, and it got worse:

The US government under #Trump has blocked funding for the Open Technology Fund (#OTF).

Those affected include #LetsEncrypt, the #Tor network, #OpenVPN and F-Droid.

The OTF is now suing for the release of the funds. Around $650,000 is missing for running costs in March alone.

heise.de/news/Nach-Trump-Dekre

heise online · US agency halts funding for Let's Encrypt and Tor ‒ Open Tech Fund fights back · By Sven Festag

@StaceyCornelius In the past I did configure separate systems for clients so they can travel without fuss regardless if "P.R." #China or #Russia or the #USA or #KSA...

  • The trick is to never have anything on your device and have a dedicated burner!

Using @tails_live / @tails / #Tails and @torproject / #TorBrowser and when that's not an option, a #SSH-Tunnel / #OpenVPN or #WireGuard-#VPN to be able to #VNC into a machine.

  • Remember: They can only extract data that was saved on a machine!

CONSIDER THE #US ENEMY TERRITORY AS IN "If you wouldn't enter #NorthKorea, then why would you enter the USA?"


#Synology: set up #OpenVPN, configured firewall ports, FRITZ!Box forwarding and dyndns etc. #VPN works, ping to the local IP works too, but #ssh doesn't, because Synology now only allows that for the admin group?! Do I have to make "#git" an admin? Ugh… no!
Access via WebDAV? Yet another bridge (crutch)? Didn't work right away. Stopped for now.

There has to be an easier way … (2/2)

Have finally taken some time to read up on current VPN options in homelabs, as my involved hardware is no longer supported.

I have quite a few connections from my network to remote networks at family/friends for IT support. I connect from my pfSense via OpenVPN to OpenVPN server running on ASUS routers, flashed with Merlin firmware. The models are no longer supported, so am looking for alternatives.

Some of these ASUS routers function as a router plus the OpenVPN server, some routers just serve as an OpenVPN server.

Have checked Tailscale (with Headscale as I do not want to rely on 3rd parties) and Netbird (apparently possible to selfhost).

In both setups every single device needs to be configured separately and not all devices have native clients. Tailscale seems to have an option for "exit nodes" so the network where the device is in, is also reachable.

1/2

Upgraded to #opensuse leap 15.6 with openssl3 and now #openvpn just works with the tpm2 provider and no additional patches, yay.

Of course, there were a couple of bugs to fix in the provider first, sigh, but version 4.4.2 now works flawlessly:

web.git.kernel.org/pub/scm/lin

web.git.kernel.org · Version 4.4.2 - kernel/git/jejb/openssl_tpm2_engine.git - TPM2 engine and key creation tools for openssl

Hey #homelab users!

You probably already know me by my free @BoxyBSD project and I often got asked about IPv4 addresses. Currently, I tinker with a new but also honestly not free service. The idea is creating a static IP service for homelab users. I'm aware that there're already some around, so what could be some benefits here?

- Static single #IPv4 & #IPv6 /48 (so you can subnet your homelab to several /64 without breaking #slacc)
- Bigger subnets (IPv4: /29, /28, /27 | IPv6: /32)
- Full RIPE personalization (inc. abuse & Co)
- #OpenVPN, #Wireguard, #GRE Support
- Auto configure (e.g., you load the wireguard config on any client and the addresses are immediately bound to that interface)
- Split usage / multiple tunnels: Use different IPs from your subnets at different locations
- Integration into #BoxyBSD
- Location in Germany or Netherlands (selectable)
- Hosted on redundant #FreeBSD nodes

Pricing:
- The starter package probably around 10€/month (not more) + 15€ setup including 2T traffic
- Pricing for additional/larger subnets not yet sure, probably higher setup fees to avoid hoppers and spammers to keep the addresses clean
- Optional traffic packages (when exceeding speed limit of 10Mbit which should still be ok for most homelabs)

Would this be interesting? I'm aware that many ones already do this by VPS themselves, so this might just be a bit easier and optionally offering whole networks including RIPE personalizations.

I'm doing the #ansible configuration of #OpenVPN server:

* at home
* on a #FreeBSD host
* with a dynamic IP address

May be an interesting challenge - I've been doing it for 10+ years, but most of the heavy lifting has been handled by the appliance.

e.g. when an IP address change happens

* handling IP address change
* getting the routing right
* any pf stuff to reset?
* other issues I'm not comprehending yet

I'm guessing that some of the issues may not be relevant because I'm just not using those features