- User Since
- Nov 18 2018, 10:20 AM (52 w, 2 d)
Sat, Nov 2
I've used the following script to get the Argo Tunnel running and encrypting DNS. I then use 127.0.0.1 as the system nameserver and as the DNS forwarder's only upstream nameserver. Works well so far, but the integration with the VyOS config is lacking.
Sep 10 2019
Just adding a suggestion, since cloudflared (Argo Tunnel) is open source: https://github.com/cloudflare/cloudflared
I was thinking some more along the lines of stunnel and wrapping WireGuard that way, but it would require additional packaging and integration on the VyOS side. Luckily, whatever outbound filtering is in place for this specific implementation seems to be relatively basic and limited to port blocking/whitelisting.
Sep 9 2019
Yes, I understand that. The primary request is to be able to set a listen port lower than 1024 without having to create a destination NAT rule to get the same result.
set interfaces wireguard wg1 port 443
Dec 18 2018
Everything is still working/functioning in the latest RC (1.2.0-rc11)
I've had a chance to retest with 1.2.0-rc11 and everything works as intended. Thank you!
Dec 12 2018
I've installed on two hosts (virtual/cloud instance, and 1 physical); in, local, and out rules all work as expected with default drop and firewall state-policy established/related accepted.
Dec 6 2018
Nov 30 2018
Would also like to see this available for WireGuard interfaces, as I'm hitting this when using PBR/NATing.