5 posts tagged with "vpn"
A two-peer WireGuard tunnel is trivial; a full mesh of dozens of nodes is a different problem. The n-squared key challenge, AllowedIPs as a routing table, keepalives for NAT, and running a dynamic routing protocol over the mesh instead of static routes.
Configure GRE, IPIP, and SIT tunnels on VyOS. Covers tunnel types, MTU considerations, keepalives, GRE keys, and why simple tunnels solve simple problems.
Master TCP MSS clamping on VyOS for tunnels and PPPoE. Covers MSS vs MTU, clamping configuration, troubleshooting fragmentation, and why MSS clamping fixes problems MTU changes cannot.
Configuring reliable IPsec site-to-site VPNs on VyOS. Covers IKEv2 setup, NAT traversal, dead peer detection, rekeying, and systematic debugging when things go wrong.
Complete WireGuard setup on VyOS covering site-to-site tunnels, mobile clients, kill switches, split vs full tunnel, and the two things that make WireGuard stable: MTU and routing policy.