The plan for road warrior access?
Wang Jian
larkwang at gmail.com
Sat Sep 9 17:33:30 CEST 2017
Hi Jason,
Wireguard is great for site to site VPN, even in current early stage.
We will replace our IPSec deployment with wireguard, after the
multihome issue fixed. Thanks for your outstanding work.
For road warrior access, I think it's quite straghtforward to build an
SSL VPN around wireguard, to address these issues:
1. integration into existing authentication system (ldap, radius, oauth2, saml)
2. address pools, allocation of client address; multiple connections per user
3. pushing address, routing and dns config to client; split or full tunnel
4. ACLs
(The client.sh demo is an example)
But wireguard is in early stage, the mentioned functionalities can be
designed as part of wireguard and tools, protocols.
Wireguard is meant to obsolete IPSec and likes. How about your plan on
road warrior access?
More information about the WireGuard
mailing list