FreshTomato Wiki

User Tools

Site Tools

Trace:
vpn-wireguard

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
vpn-wireguard [2024/02/14 13:25] rs232vpn-wireguard [2024/04/16 16:51] (current) – [Type of VPN] -change "amongst" to "between" hogwild
Line 3: Line 3:
 ===== Introduction ===== ===== Introduction =====
  
-As a GUI design keep in mind the FreshTomato Wireguard page is meant to be both a configuration and config generation pointSo it is suggested you "nominated" a main router where the config will be produced. Client like other FreshTomato routers, Windows, Linux, Android etc client will need to import the config generated by the main FreshTomato router. This also implies that any relevant configuration change might also require you to delete/re-import the config on the other peers.+FreshTomato's Wireguard menu in the graphical interface is meant to be a place for both configuration and generating configurationsThus, it is suggested you "nominate" a main router where the configuration will be produced. Clients, such as other FreshTomato routers, and Windows, Linux, and Android devices, will need to import the configuration generated by the main FreshTomato router. This means that any relevant configuration change may also require you to delete and reimport the configuration on the other peers.
  
-===== Current development ===== 
  
-The GUI for Wireguard is currently work in progress. Some basic functionality should already be working on 2024.1 although elements like +===== Current development status ===== 
 + 
 +The Wireguard GUI menu is currently work in progress. Some basic functionality is working since release 2024.1. However some elements, including the following have no yet been implemented: 
   * External VPN provider connectivity   * External VPN provider connectivity
-  * kill-switch +  * Kill-switch 
-  * routing-policy +  * Routing-policy 
-  * split-tunneling +  * Split-tunneling 
-are not yet implemented. So your focus should be on sit-to-site for the time being.+ 
 + \\ 
 + 
 +For this reason, you should focus on on site-to-site configurations until that status changes. 
  
 ===== Type of VPN ===== ===== Type of VPN =====
-{{:pasted:20240214-132008.png}}\\ + 
-This setting will affect the creation of config for the peers+{{:pasted:20240214-132008.png}}\\  \\ 
-  * Hub and Spoke = any peer can only communicate via the Hub. + 
-  * Full Mesh Endpoint only will try to create a full mesh but only amongst peers that have the EndPoint defined +This setting affects the creation of peer configurations. 
-  * Full Mesh will try to establish a full mesh amongst all peers FIXME + 
-  * External VPN Provider is work in progress+  * Hub and Spoke: Any peers can only communicate via the Hub. 
 +  * Full Mesh (defined Endpoint only): FreshTomato will try to create a full mesh but only among peers which have the EndPoint defined. 
 +  * Full Mesh: FreshTomato will try to establish a full mesh between all peersFIXME 
 +  * External VPN Provider - This option is greyed out, as the function is still a work in progress
  
 ===== Troubleshooting ===== ===== Troubleshooting =====
-While you try to configure your own VPN please keep in mind the following troubleshooting tips: + 
-  * **wg show** (command line) will help you understand the relationship between peers +When trying to configure your VPNplease remember these troubleshooting tips: 
-  * **route** can help you verifying routing decision while the VPN is connected + 
-  * **traceroute** is a must use when verifying end-to-end connectivity, a goo approach is to test in order: +  ***wg show** (via the command line) output will help you understand the relationship between peers. 
-  Local LAN IP +  ***route** (via the command line) can help you to verify routing decisions while the VPN is connected. 
-  Local VPN IP +  ***traceroute** is a must when verifying end-to-end connectivity. A good approach is to test the following in order: 
-  Remote VPN IP +    *Local LAN IP 
-  Remote LAN IP +    *Local VPN IP 
-The point where this fail provides a crucial insight into the issue you might be facing.+    *Remote VPN IP 
 +    *Remote LAN IP 
 + 
 +The point of failure will provide critical insight into whatever issue you are facing. 
  
vpn-wireguard.1707917105.txt.gz · Last modified: 2024/02/14 13:25 by rs232

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki