new feature - WireGuard vpn


I've been reading about this new WireGuard vpn, which seems to be quite performante compared to other vpn types and will also be integrated in the linux kernel (if it isn't already).
Does WatchGuard have plans to integrate this new VPN type?





  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Thibaud

    WatchGuard is currently exploring implementing it in the future, but there hasn't been a decision made thus far.

    The current SSLVPN is based on OpenVPN which is widely available and compatible with a multitude of systems.

    If you have any specific use cases that you believe would benefit from this, I'd encourage you to open a support case and provide more details so that a feature request can be written around your needs.

    -James Carson
    WatchGuard Customer Support

  • Options

    Hi @James_Carson !

    No specific use case.
    It's just that I read a bit about this and appears to be more performant then other vpn types.
    WatchGuard's current SSL VPN is actually slower than for example IKEv2 and I thought it might be an idea to have a WireGuard client instead of the SSL VPN client, so it gets more performant.

    Kind regards,


  • Options
    edited February 2021

    You could always put a Pi running PiVPN or a VM behind your Watchguard device to run Wireguard VPNs until Watchguard comes around. It would be nice to see Watchguard implement it as an alternative (and not a replacement) to their OpenVPN-branded solution.

  • Options


    I also wish to switch my mobile client to WireGuard.
    Hence, please implement it.
    I would not request to replace OpenVPN with WireGuard, but rather complement OpenVPN with WireGuard.

  • Options


    This would be a very nice improvement!

  • Options

    WatchGuard, if you are listening. You are long overdue on adding WireGuard VPN for both Branch Office and Mobile tunnels. Its getting close to the point where I need to look at other solutions that support this.

  • Options

    Please implement Wireguard. Low throughput ADSL lines with 5.5Mbps throughput in downlink and 800kbps uplink if used with Watchguard SSL VPN client will top 1.4Mbps in the downlink.... That is poor efficiency.... UDP should be in favour in theses low lines ..... If you failure to replicate CISCO product behaviour that automatically switches between tcp/udp then Wireguard use of udp at blazing speeds is the only way to go.... We vote in favour of INRIA and French cryptographic product.

  • Options

    FYI - you can select to use UDP in SSLVPN.

    If you also use any/all of these:
    Management Tunnel over SSL on a hub device
    BOVPN over TLS in Server mode
    Access Portal
    then review this:
    SSL/TLS Settings Precedence and Inheritance

  • Options

    +1 Watchguard Cloud with Wireguard support for Mobile and Site2Site VPN

  • Options

    +1 for that

    With having a lot of Linux endpoints, we would appreciate support for Wireguard. We also expect, that some common problems (like VoIP e.g.), should work more stable with Wireguard.

Sign In to comment.