search

DefGuard / defguard

The only _real_ 2FA MFA WireGuard Enterprise VPN with build-in SSO, hardware keys management and more!
https://defguard.net
Other
1.13k stars 35 forks source link

site-to-site VPN functionality #387

Open teon opened 11 months ago

teon commented 11 months ago

Currently, defguard supports only a "roadwarrior" setup (one server and clients connect to the server). In the network tab, we need to be able to configure current setup (roadwarrior) and "site-to-site" VPN (where two servers communicate - no clients are connecting to this instance). So we have "Add location" but now it would be setup VPN and we should choose which type. After selecting site-to-site we need to have a configuration for two server endpoints this is a great visualisation that we should do in order to show the admin what should be configured:

                  ┌─────── WireGuard site-to-site ──────┐
                  │         10.10.9.0/31          │
                  │                               │
     10.10.9.0 wgA│               xx              │wgB 10.10.9.1
                ┌─┴─┐          xxx  xxxx        ┌─┴─┐
alpha site      │   │ext     xx        xx    ext│   │  beta site
                │   ├───    x           x    ───┤   │
10.10.10.0/24   │   │      xx           xx      │   │  10.10.11.0/24
                │   │      x             x      │   │
                └─┬─┘      x              x     └─┬─┘
        10.10.10.1│        xx             x       │10.10.11.1
...┌─────────┬────┘          xx   xxx    xx       └───┬─────────┐...
   │         │                  xx   xxxxx            │         │
   │         │                                        │         │
 ┌─┴─┐     ┌─┴─┐           public internet          ┌─┴─┐     ┌─┴─┐
 │   │     │   │                                    │   │     │   │
 └───┘     └───┘                                    └───┘     └───┘
teon commented 10 months ago

@filipslezaklab design DONE: https://www.figma.com/file/uoFcgpOuVWa6g7tvKwB52o/defguard?type=design&node-id=5009-7758&mode=design&t=wrNRKEgMD6DM3Ph0-0

wojcik91 commented 8 months ago

When implementing location types include:

jtbmedia commented 2 months ago

When is this ready to be used?

teon commented 2 months ago

@jtbmedia most probably planned for version 1.2 (now 1.0 in testing).

jtbmedia commented 2 months ago

Would live love the feature. Which data is 1.2 planned to be released? On the website Q1 2024 is still mentioned.