# FreeBSD VPN



## phalange (Feb 19, 2021)

Is there a VPN provider with a freebsd client? I see none, except some suggest openvpn. Is openvpn well supported on FreeBSD or is there a better (more "native") option?

I have a FreeBSD laptop and sometimes I have to use public wifi.


----------



## reddy (Feb 19, 2021)

Yes OpenVPN is well supported, I use it daily and haven't noticed any problem. You can install it from ports using `pkg install openvpn`, however it is userland and not built into the kernel so you may not have the best performance (even though I haven't noticed any performance problem with normal desktop usage). Your VPN provider will normally give you OpenVPN configuration files that you can download and point your OpenVPN client to.

As far as native support, I have heard that wireguard will have a kernel driver in a future version of FreeBSD, but I am not sure if the work made it into FreeBSD 13.0. 

Edit: Yes apparently it made it according to this thread which also explains how to configure everything.


----------



## phalange (Feb 20, 2021)

Thanks, I'll start with openvpn. I'd love to use wireguard -- my vpn supports it -- but that configuration looks painful.

WIth openvpn, I just enter one of my provider's servers and connect to it. Does wireguard use the same basic principle?


----------



## meaw229a (Nov 16, 2021)

I'm using PIA with wireguard. They provide openvpn and wireguard scripts. Based on this scripts I made my own
easy wireguard login. Works very well and speed is also good. As far as I know wireguard was in the kernel before
but got removed. I just install the package.


----------



## hardworkingnewbie (Nov 16, 2021)

Well Wireguard will become part of the kernel again sometimes. The issue is that the original implementation done by Matthew Macy was just bad, and therefore pulled out of the kernel. It was a really big controversy around it.

As result FreeBSD will get its own kernel module for Wireguard, but with the support of its original creator and well known FreeBSD developers. Matthew Macy's stuff didn't make it due to bad quality problems.









						FreeBSD 13.0 to ship without WireGuard support as dev steps in to fix 'grave issues' with initial implementation
					

Public spat over code quality, reworked code set for 13.1 release, pfSense firewall also affected




					www.theregister.com


----------



## D-FENS (Nov 16, 2021)

phalange said:


> Is there a VPN provider with a freebsd client? I see none, except some suggest openvpn. Is openvpn well supported on FreeBSD or is there a better (more "native") option?
> 
> I have a FreeBSD laptop and sometimes I have to use public wifi.


OpenVPN works very well.
I start my VPN connections from the console on FreeBSD because (as far as I remember) the NetworkManager-OpenVPN GUI plugin for KDE is not available on FreeBSD (things might have changed meanwhile).
A console script can be wrapped as a user service or system service. Also, you could find KDE widgets to launch the script from, this should not be an issue.


----------



## mer (Nov 16, 2021)

I'm with roccobaroccoSC openvpn client started from a term window.  Some of the desktop environments have weird VPN configuration where you need to split up an openvpn client file into a couple pieces that don't always work.

My reason for starting from a console/term window?  Control.  VPN only gets started when I want it to, I shut it down when I'm done.  Complete control.
One thing with VPNs and home networks:  be careful of overlapping network address spaces.  Almost everyone's home network is 192.168.0.0/16, your corporate network may do the same thing.  Starting the VPN creates routes on your local machine, if addresses overlap, things may get borked.


----------

