Wireguard VPN support
I'd be nice if you would include WireGuard in your suite of server-side VPN protocols in your UTM line.
Isn't Wireguard effectively an alternative to RED tunnels?
Yep... now that it is in Kernel - it is a MUST for SG and XG!
Kris Budde commented
On 9 December 2019, David Miller - primary maintainer of the Linux networking stack - accepted the WireGuard patches into the "net-next" maintainer tree, for inclusion in an upcoming kernel. On 28 January 2020, Linus Torvalds merged David Miller's net-next tree, and WireGuard enters mainline Linux kernel tree.
Nothing more to add. So we have to wait kernel 5.6 coming to Sophos
I would relly love to see Sophos implement Wireguard soon.
Interessting read is https://news.ycombinator.com/item?id=20925999
and also https://ungleich.ch/en-us/cms/blog/2019/09/10/openvpn-vs-wireguard/
FWIW, I've started testing Wireguard and it seems quite impressive so far. While it is to some extent still in beta, it would be great if this is something that Sophos could start working on implementing and testing - it seems stable enough at present to at least do that. In case it might be of interest to anyone, there appear to have been two security analyses done so far, both of which seem to be positive - see https://courses.csail.mit.edu/6.857/2018/project/He-Xu-Xu-WireGuard.pdf and https://eprint.iacr.org/2018/080.pdf
Noone has audited it, and its a piece of beta software. Even its creator says "NOT FOR PRODUCTION USE"!
Lets wait 1-2 years and then ask for it again.
Mark San Diego commented
+1, would be amazing to see WG implemented here.
This would be very useful as it seems Wireguard will solve many problems with actual VPN techniques by implementing seemless network handover etc.
I very much agree Wireguard is a very efficient and is quickly becoming the standard. Wireguard is very much a necessity,
OpenVPN work pretty well but Wireguard look very nice.
Player 1 commented
I totally agree! Wireguard will soon be part of the main Linux kernel so this should be the way to go for Sophos UTM as well.
Agreed, looks to be awesome. Would be great to have it integrated into the utm and not having to run a separate server
Indeed! It's the leading VPN solution nowadays. When will sophos support it?
[Deleted User] commented
This would be a wonderful addition!