WireGuard GUI for multiple Orgs

5th December 2022

Why WireGuard?
It is a protocol, not a product; a single vendor going bankrupt does not ruin your SD-WAN setup.
Robust; one of the few products that can deal with double NAT. When dealing with work-from-home users you don’t have the option to just fix it.
SSO options; auto sign-on when the user logs into Micro$oft or Google. No extra password to remember, no extra step.
Bidirectional; the office can reach the PC to make sure it’s updated or check the logs.
Maximum versatility; installs on the most OSes (read ChromeOS), some versions support ACLs, DNS, etc.

Tailscale; SaaS https://tailscale.com easiest solution as it’s already set up for you, but $. M$ + Google SSO

Pritunl; supports multiple groups and users can be members of multiple groups, multi-tenancy, 2FA
Tried to install on Ubuntu 22; no support for mongodb-org yet
Supported on Ubuntu 20.04
Install is easy; a half dozen lines of code pasted into SSH

NetBird; M$ + Google SSO, 2FA, but very new, very beta

Netmaker; multiple networks and groups. Google, GitHub, OpenID Connect (OIDC) and M$ SSO via OAuth. Ubuntu 20.04
Error when trying to install:
ERROR: for caddy Cannot start service caddy: failed to create shim: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting "/root/Caddyfile" to rootfs at "/etc/caddy/Caddyfile": mount /root/Caddyfile:/etc/caddy/Caddyfile (via /proc/self/fd/6), flags: 0x5000: not a directory: unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type

Firezone; Google + Okta SSO; M$ SSO needs to be configured through generic SSO

Subspace; cool name but out of date

Hamachi, ZeroTier and OpenVPN are NOT WireGuard and don’t have its advantages

Options here: https://medium.com/swlh/web-uis-for-wireguard-that-make-configuration-easier-e104710fa7bd