binhex Posted August 9, 2021 Share Posted August 9, 2021 So a long long time ago in a galaxy far far away i started using port forwarding on my router, after a while i heard about reverse proxying and thought i would give the then very active LSIO Let's Encrypt docker image a go, after fiddling with it and finding it rather hard to wrap my head around due to the number of moving parts (no offense meant LSIO) i settled on Nginx Proxy Manager, which although missing some of the features that the Let's Encrypt docker image and the later (and current) SWAG image has, it worked for me and i was relatively happy, it worked well enough and it was secure enough to let me sleep at night, although it did make me a little uncomfortable that i was relying on a single docker container for most of my incoming connections, and the lack of including fail2ban was a disappointment (something SWAG does have). So now in the present day i decided to finally update my trusty pfSense router from the battle hardened version of 2.4.5-p1 up to the current release 2.5.2, i had been holding out watching the noise of people upgrading to 2.5.0 and then 2.5.1 (better but still had nasty bugs) and having their routers services crashing and do all number of bad things, so yes i did have a smug face on at that time :-). I was also aware of the pfsense freebsd wireguard kernel shenanigans and the later removal of wireguard from the kernel, so i was a little nervous about installing the wireguard package on my router, especially as its marked as EXPERIMENTAL, but i pressed the button and.....well.....it just worked!, i configured my phone via the wireguard app, connected it and voila i now have access to my lan whilst out and about, no need for port forwarding, no need for reverse proxy tricky nginx configurations for each app, no need for let's encrypt renewal of certs, it simply worked!, i had reservations about this initially thinking it would be clunky and difficult to do, imagining me having to click a button to active the vpn whenever i want to do stuff, but no, it runs completely silently, if data signal drops then it re-establishes the vpn when the data connections reconnects, if i switch to wi-fi it switches efficiently over, i can even control which apps use the vpn tunnel to reduce latency, in short for me this is hands down the fastest, least hassle and most secure experience i have had to date. So there ya have it, i wanted to post this to see if anybody else is doing this also and are reverse proxy/port forward converts over to wireguard, if anybody wants the steps i went through to get this running on pfsense then let me know, i havent tried the unraid implementation of wireguard, simply because for me i feel running wireguard on unraid is the wrong place but i get why some people may want to do this and kudos for the unraid team in including it. 1 1 Quote Link to comment
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.