All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Setting Up WireGuard VPN on FreeBSD 14.3: PF Firewall Configuration and Linux Peer Routing

By

todsacerdoti

4mo ago· 22 min readen
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

The kind of bagel that ruins lesser bagels for you.

Score100Typehow-toSentimentneutral

Summary

This technical guide details setting up a WireGuard VPN on FreeBSD 14.3 for a home NAS server, covering firewall configuration with PF, routing between networks, and establishing a peer-to-peer VPN connection between FreeBSD and Arch Linux systems. The article is part of a series on building a home NAS server and focuses on connecting different network locations for secure remote access and data backup purposes.

Key quotes

· 4 pulled
The main idea is to (finally!) connect my 'office' and my apartment, and later, perhaps, also connect the server where rtfm.co.ua is currently running so that blog files and database backups can be stored directly on the ZFS mirror pool of the home server.
In the previous post, FreeBSD: introduction to Packet Filter (PF) firewall, we got acquainted with firewalls; the next step is to configure a VPN for access.
I am continuing to set up my home server on FreeBSD 14.3, which is intended to serve as a NAS.
This is part of a blog series documenting the process of building a home NAS server with FreeBSD.
Snippet from the RSS feed
Setting up WireGuard VPN on FreeBSD 14.3: PF firewall, routing between networks, and peer-to-peer VPN between FreeBSD and Arch Linux

You might also wanna read

BGP Lab Project Expanded to Include Full IPv6 Feed

The author extends their BGP lab project to support full IPv6 feeds, following requests from readers who previously received IPv4 BGP feeds.

lukasz.bromirski.net·2d ago

Whosthere: A Go-based LAN discovery tool with interactive TUI for unprivileged network scanning

Whosthere is a Go-based Local Area Network (LAN) discovery tool with an interactive Terminal User Interface (TUI). It performs unprivileged,

Product Hunt·10d ago

Investigating Intermittent ECONNRESET Errors in Local TCP Connections (Part 1)

A technical blog post investigating mysterious ECONNRESET errors occurring between two services communicating over TCP on the same machine.

movq.de·14d ago

IPv8: An Alternative IPv4 Successor with Backward Compatibility and Integrated Network Management

This article introduces IPv8, an alternative successor to IPv4 that differs from IPv6 by focusing on integrated network management and singl

openipv8.org·17d ago

How to get a free *.city.state.us locality domain in the US

This article explains how US residents can obtain a free locality domain name (e.g., somename.city.state.us) for their town. It covers the h

fredchan.org·18d ago

Cloudflare fixes CUBIC congestion control bug in QUIC implementation that permanently pinned performance at minimum

Cloudflare engineers discovered and fixed a bug in the CUBIC congestion control algorithm (RFC 9438) used in their QUIC implementation (quic

blog.cloudflare.com·19d ago