Wireguard
What is Wireguard?
WireGuard® is a modern and fast encrypted networking protocol that offers a number of performance benefits over traditional VPNs and TLS. Among other important features, WireGuard uses Curve25519 for key exchange, which keeps the negotiation phase extremely lightweight and fast. It also has a very low cost per live session, so it can keep direct connections open to a large number of nodes at once.
Here you can find a link to the original Whitepaper as well as the source code for the Linux Kernel Driver.
Keep-Alive & NAT-Traversal:
By default Wireguard is designed not to generate any unnecessary network traffic. However, many home & business networks rely on a technology called NAT to handle aspects of IP Addressing. This can cause Wireguard connections to be unstable if using the bare-bones configurations.
To configure Wireguard to send Keepalive packets (thus preventing your network gateway from closing the connection), add the following to your Wireguard configs:
PersistentKeepalive = 25
Limiting Subnets:
Rather than allowing Wireguard to manage ALL traffic on a network, it's useful to limit your Wireguard connection to a specific subnet:
AllowedIPs = 10.10.10.0/24
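Example added here (not from the original page): a small Python check that reads a wg-quick style config and flags any peer whose AllowedIPs reach beyond the 10.10.10.0/24 subnet or that has no PersistentKeepalive. The sample config and its placeholder keys are constructed, and the function names parse_peers and audit_peer are assumptions of this example.

```python
import ipaddress

# Constructed sample config; the keys are placeholders, not real key material.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <client-private-key-placeholder>
Address = 10.10.10.2/32

[Peer]
# Scoped to one subnet, keepalive enabled (the two settings described above)
PublicKey = <gateway-public-key-placeholder>
AllowedIPs = 10.10.10.0/24
PersistentKeepalive = 25

[Peer]
# Routes all traffic through the tunnel and never sends keepalives
PublicKey = <other-public-key-placeholder>
AllowedIPs = 0.0.0.0/0, ::/0
"""

def parse_peers(text):
    """Return one dict (lower-cased keys) per [Peer] section."""
    peers, current = [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            current = {} if line.lower() == "[peer]" else None
            if current is not None:
                peers.append(current)
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.strip()
    return peers

def audit_peer(peer, expected="10.10.10.0/24"):
    """List findings for one peer, judged against the expected subnet."""
    findings, limit = [], ipaddress.ip_network(expected)
    for item in filter(None, map(str.strip, peer.get("allowedips", "").split(","))):
        net = ipaddress.ip_network(item, strict=False)
        # subnet_of() raises on mixed IPv4/IPv6, so compare versions first
        if net.version != limit.version or not net.subnet_of(limit):
            findings.append(f"AllowedIPs {net} is not within {limit}")
    if peer.get("persistentkeepalive", "off") in ("off", "0"):
        findings.append("PersistentKeepalive is not set")
    return findings

if __name__ == "__main__":
    for number, peer in enumerate(parse_peers(SAMPLE_CONF), start=1):
        print(f"peer {number}:", audit_peer(peer) or "ok")
```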
Maps
ASCII Maps:
A plaintext ASCII map for minimal documentation/reference.
#           ┌───────────┐
#           │    VPC    │
#           │           │
#           │ Wireguard │
#           │           │
#       ┌───┤   Caddy   ├────┐
#       │   └───────────┘    │VPN Tunnel
#       │                    │
# ┌─────┴────┐         ┌─────┴─────┐
# │   The    │         │           │
# │ Internet │         │  Gateway  │
# │   >:[    │         │           │
# │          │         │           │
# └──────────┘         └──┬──────┬─┘
#                         │      │
#                         │      │
#                         │      │
#                         │      │
# ┌─┬─┬┬─┬─┐           ┌──┴──────┴─┐
# ├─┘ └┘ └─┼───────────┤           │
# │   VM   │    DMZ    │ Switch_01 │
# │  Host  │   VLANs   │           │
# ├─┐ ┌┐ ┌─┼───────────┤           │
# └─┴─┴┴─┴─┘           └──┬────────┘
#                         │    ▲
#                         │    │
#                         │    │
#                         ▼    │
#                     ┌────────┴┐
#                     │ Trusted │
#                     │  Wired  │
#                     │  VLANs  │
#                     │         │
#                     └─────────┘