@dexter A relatively simple (but not that user-friendly...) option I have implemented was to combine WireGuard with a captive portal as additional authentication (in this case based on OPNsense)... not extremely nice from the user perspective, but it works.
@dexter It's the same model as Tailscale, except that the whole server software is OSS and Free if you self-host. So if it's a Rug-Pull it's at least an OSS Rug-Pull. The most complicated thing to self-host will be the STUN and TURN servers.
@dexter You cannot do that with native WireGuard, which is minimalist by design. However, you can do that with Tailscale, for example, which adds a lot of functionality on top of WireGuard.
@dexter I didn’t try Headscale, and use Tailscale only where I don’t have a native WireGuard client available. But I did the whole OIDC integration thing with Tailscale for fun (it wasn’t). There are other products that build on WireGuard, and other overlay networks, but native WireGuard fits my needs. What is your use case?