[USG Flex H] - WireGuard VPN
Ally Member
Hello everyone,
I see that our Firewall USG Flex H Series, implement Tailscale, only a user-friendly VPN based on WireGuard protocol.
My idea is to convert the Tailscale third party service, with the real WireGuard solution. As also explained by Tailscale (https://tailscale.com/compare/wireguard) is more complex to configure a WireGuard VPN, but is more stable, secure and offer better performances than Tailscale.
Also, as suggested by Tailscale ifself, using Tailscale introduces a direct dependencies on product, if Tailscale closes, the service closes itself; using Tailscale introduces a direct dependencies also in Tailscale's security, keys managements and network traffic ACLs is only possible with paid solutions.
Also in performances WireGuard is better, because it is directly available into the linux kernel module, instead Tailscale is only a Wireguard third party external implementation.
So… OK Tailscale is more user-friendly, is more flexible and convenient for 95% of people, but if our Firewall, can directly use the Wireguard protocol I think that is more secure.
What do you think?
Comments
-
Upvote! I have a fixed Public IP so make it possible so that is not mandatory to go though Tailscale service
0 -
In my case, is not possible to use Windows Tailscale client to my Work computer, instead I can use WireGuard client because I can install it.
0
Freshman MemberCategories
- All Categories
- 442 Beta Program
- 3K Nebula
- 223 Nebula Ideas
- 129 Nebula Status and Incidents
- 6.6K Security
- 627 USG FLEX H Series
- 352 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 54 Wireless Ideas
- 7K Consumer Product
- 298 Service & License
- 492 News and Release
- 92 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 88 About Community
- 108 Security Highlight
