Connectware users can now benefit from the latest WireGuard VPN service for private, secure and independent remote access. WireGuard is a modern VPN solution that is very easy to understand. It aims to be faster, simpler and leaner than other technologies such as IPsec and OpenVPN. The combination of extremely efficient cryptographic primitives and the fact that WireGuard lives inside the Linux kernel means that secure networking can be very high-speed. It is suitable for both small embedded devices like smartphones and fully loaded backbone routers.
The WireGuard service takes advantage of Connectware's service capability of bundling all activities into a single point of configuration and execution. This means that when a service is enabled, it performs a set of operations on Connectware, and when it is disabled, these operations are removed. This makes enabling and disabling remote access quick and easy, with minimal configuration.
The WireGuard service acts as a VPN gateway at the remote location. A VPN gateway is a type of virtual network gateway that sends encrypted traffic across a public connection. You can use this VPN gateway to send traffic securely between, for example, a factory floor and a service technician network.
The Connectware WireGuard service augments a WireGuard interface with an MQTT API for starting and stopping the VPN connection, publishing the generated public key of the client, and emitting the state and config changes of the VPN connection on pre-configured MQTT topics. No additional VPN client software has to be installed on the host machine, since the Connectware service is based on Docker containers. The service is installed in a container, and all the configured network parameters are exposed as environment variables inside the container.
Connectware technical overview
Connectware service concept basics
Wireguard technical whitepaper