[USG Flex H] - WireGuard VPN
Master Member
Hello everyone,
I see that our Firewall USG Flex H Series, implement Tailscale, only a user-friendly VPN based on WireGuard protocol.
My idea is to convert the Tailscale third party service, with the real WireGuard solution. As also explained by Tailscale (https://tailscale.com/compare/wireguard) is more complex to configure a WireGuard VPN, but is more stable, secure and offer better performances than Tailscale.
Also, as suggested by Tailscale ifself, using Tailscale introduces a direct dependencies on product, if Tailscale closes, the service closes itself; using Tailscale introduces a direct dependencies also in Tailscale's security, keys managements and network traffic ACLs is only possible with paid solutions.
Also in performances WireGuard is better, because it is directly available into the linux kernel module, instead Tailscale is only a Wireguard third party external implementation.
So… OK Tailscale is more user-friendly, is more flexible and convenient for 95% of people, but if our Firewall, can directly use the Wireguard protocol I think that is more secure.
What do you think?
Comments
-
Upvote! I have a fixed Public IP so make it possible so that is not mandatory to go though Tailscale service
0 -
In my case, is not possible to use Windows Tailscale client to my Work computer, instead I can use WireGuard client because I can install it.
0
Freshman MemberCategories
- All Categories
- 442 Beta Program
- 3K Nebula
- 226 Nebula Ideas
- 130 Nebula Status and Incidents
- 6.6K Security
- 641 USG FLEX H Series
- 357 Security Ideas
- 1.8K Switch
- 86 Switch Ideas
- 1.4K Wireless
- 54 Wireless Ideas
- 7K Consumer Product
- 303 Service & License
- 495 News and Release
- 93 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 88 About Community
- 110 Security Highlight
