new feature - WireGuard vpn

ThibaudThibaud
in Firebox - VPN Mobile User

Hello,

I've been reading about this new WireGuard vpn, which seems to be quite performante compared to other vpn types and will also be integrated in the linux kernel (if it isn't already).
Does WatchGuard have plans to integrate this new VPN type?

Thanks!

Greetings,

Thibaud

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Thibaud

    WatchGuard is currently exploring implementing it in the future, but there hasn't been a decision made thus far.

    The current SSLVPN is based on OpenVPN which is widely available and compatible with a multitude of systems.

    If you have any specific use cases that you believe would benefit from this, I'd encourage you to open a support case and provide more details so that a feature request can be written around your needs.

    -James Carson
    WatchGuard Customer Support

  • ThibaudThibaud

    Hi @James_Carson !

    No specific use case.
    It's just that I read a bit about this and appears to be more performant then other vpn types.
    WatchGuard's current SSL VPN is actually slower than for example IKEv2 and I thought it might be an idea to have a WireGuard client instead of the SSL VPN client, so it gets more performant.

    Kind regards,

    Thibaud

  • bradbradbradtbradbradbradt
    edited February 2021

    You could always put a Pi running PiVPN or a VM behind your Watchguard device to run Wireguard VPNs until Watchguard comes around. It would be nice to see Watchguard implement it as an alternative (and not a replacement) to their OpenVPN-branded solution.

  • rgloorrgloor

    +1

    I also wish to switch my mobile client to WireGuard.
    Hence, please implement it.
    I would not request to replace OpenVPN with WireGuard, but rather complement OpenVPN with WireGuard.

  • IBWSDIBWSD

    +1

    This would be a very nice improvement!

  • Longtime_WG_AdminLongtime_WG_Admin

    WatchGuard, if you are listening. You are long overdue on adding WireGuard VPN for both Branch Office and Mobile tunnels. Its getting close to the point where I need to look at other solutions that support this.

  • bell23bell23

    Please implement Wireguard. Low throughput ADSL lines with 5.5Mbps throughput in downlink and 800kbps uplink if used with Watchguard SSL VPN client will top 1.4Mbps in the downlink.... That is poor efficiency.... UDP should be in favour in theses low lines ..... If you failure to replicate CISCO product behaviour that automatically switches between tcp/udp then Wireguard use of udp at blazing speeds is the only way to go.... We vote in favour of INRIA and French cryptographic product.

  • Bruce_BriggsBruce_Briggs

    FYI - you can select to use UDP in SSLVPN.

    If you also use any/all of these:
    Management Tunnel over SSL on a hub device
    BOVPN over TLS in Server mode
    Access Portal
    then review this:
    SSL/TLS Settings Precedence and Inheritance
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/ssl_tls_settings_precedence.html

  • AndreasAndreas

    +1 Watchguard Cloud with Wireguard support for Mobile and Site2Site VPN

  • achter_softwareachter_software

    +1 for that

    With having a lot of Linux endpoints, we would appreciate support for Wireguard. We also expect, that some common problems (like VoIP e.g.), should work more stable with Wireguard.

  • LP_ScottLP_Scott

    When is Wireguard VPN coming? The Norwegian National Cyber Security Centre (NCSC) is now recommending the end of SSL VPN connections by 2025.
    _"The severity of the vulnerabilities and the repeated exploitation of this type of vulnerability by actors means that the NCSC recommends replacing solutions for secure remote access that use SSL/TLS with more secure alternatives."

    Come on WatchGuard, time to get with the program!

Sign In to comment.