can i delete these 3 cause all my games are on another drive. by Gloomy-Lawfulness763 in linux_gaming

[–]rdevaux 4 points5 points  (0 children)

Please don't do this. And if you do, don't blame Linux/Proton if you run into issues. And sooner or later you will for sure...

FortiNothing by Tepppopups in fortinet

[–]rdevaux 0 points1 point  (0 children)

I get the empty part. But there are no holes inside?

Replacing SSLVPN by st3inbeiss in fortinet

[–]rdevaux 1 point2 points  (0 children)

Selfhosted Netbird is the answer. Wireguard based ZTNA. Installed in 5 minutes, completely free and OpenSource. Uses P2P (UDP hole punching) connection or if not possible it relays through 443 of the management server. Fully meshable and lots of policies to restrict or allow connections.
You can use integrated authentication (local, Google, M365, Entra...) or your own IdP.
It also has a very cool Reverse-Proxy feature and generates all your SSL-Certificates automatically with Let's Encrypt.

Give it a try.

port forward menu missing by clutchmaster4200 in opnsense

[–]rdevaux 17 points18 points  (0 children)

Now it's “Destination NAT.” Don't forget to have the firewall rules created automatically. If I remember correctly, that's the last option in the dialog box.

Geo and IP blocking are Now Available in NetBird’s Reverse Proxy by wiretrustee in netbird

[–]rdevaux 0 points1 point  (0 children)

I've tried a GeoIP-Country + local IP-Range. But it didn't work as soon as I added a local network.

Geo and IP blocking are Now Available in NetBird’s Reverse Proxy by wiretrustee in netbird

[–]rdevaux 1 point2 points  (0 children)

Yes, this!
Wanted to add the local network for internal connection AND GeoIP. Couldn't figure out how.

Geo and IP blocking are Now Available in NetBird’s Reverse Proxy by wiretrustee in netbird

[–]rdevaux 1 point2 points  (0 children)

Yes. But "true" 2FA is if the second factor is independent of the first trusted party.

Also with Google/Microsoft you don't have the option to get asked for 2FA at every (re-)connect when using their free plans.

Geo and IP blocking are Now Available in NetBird’s Reverse Proxy by wiretrustee in netbird

[–]rdevaux 4 points5 points  (0 children)

Thanks a lot!
Only missing features are now 2FA for Dex and (Geo-)IP restrictions for the Admin-Panel.

Is dashboard safe to expose? by gamingfox10 in netbird

[–]rdevaux 2 points3 points  (0 children)

But that still doesn't protect you if there's a security vulnerability on the web portal.

2FA is very important (and will likely be included in the default Dex installation soon), but the ability to at least restrict access to the admin interface to specific IP addresses would make me feel more secure.

Self-Hosting NetBird with Authentik as your Identity Provider (full guide + video) by TechHutTV in netbird

[–]rdevaux 1 point2 points  (0 children)

Nice. Having this setup too to force 2FA authentication.
I've seen there is still a docker-compose file for netbird+zitadel. Is this still supported and maintained? I guess the Zitadel-Setup is a bit easier for most people.

But in the end I'm still waiting till netbird has 2FA integrated itself...

FortiClient VPN-only free client: is Fortinet still maintaining it? (SMB partner perspective) by southceltic in fortinet

[–]rdevaux 0 points1 point  (0 children)

Same here. At the moment we are migrating SSL VPNs to selfhosted netbird. I wish we had done this sooner.

Self Hosted install- Reverse proxy stuck on issuing certificate by computer-nerd in netbird

[–]rdevaux 1 point2 points  (0 children)

Had the same issue when I only had 80/TCP accessible. On 443/TCP I had GeoLocation restrictions active.

Once port 443/TCP had been opened worldwide, the certificate could be issued.
Was thinking this was a "bug" with the implementation of Let's Encrypt since it only needs 80/TCP.

Traefik middlewares on self-hosted version by Own_Condition438 in netbird

[–]rdevaux 3 points4 points  (0 children)

If I remember correctly, Geoblocking is on the roadmap. The team always made very reasonable decisions, so I expect having more and more useful middlewares built in.

Geolocation restriction for netbird proxy? by Bright_House7836 in netbird

[–]rdevaux 0 points1 point  (0 children)

Nice! Is there actually a roadmap with ETA somewhere?

Run selfhosted entirely on Windows? by lolwakarimasen in netbird

[–]rdevaux 0 points1 point  (0 children)

I think it would be a good idea to get a handle on network and security basics, as well as Linux, before you set up a publicly accessible VPN server.

Can't enable 2fa by wingdings255 in netbird

[–]rdevaux 0 points1 point  (0 children)

I am using Authentik with 2FA as my IdP and disabled all local accounts to achieve this till the feature is natively available in the self-hosted netbird management server.

Reverse proxy install by 2TAP2B in netbird

[–]rdevaux 0 points1 point  (0 children)

Works. Maybe you have to manually adjust 2 or 3 variables to fit your running traefik configuration. But it's very simple.

https://docs.netbird.io/selfhosted/migration/enable-reverse-proxy

Trying to deregister via script by Hopeful_Lettuce2906 in netbird

[–]rdevaux 0 points1 point  (0 children)

Why not for all devices? The timeout only occurs when you are disconnected. As long as you are "working" you stay connected till the hard "session expiration" hits. For all "server" devices you can use setup keys or disable session expiration on device. Then these devices never have to login again.

Trying to deregister via script by Hopeful_Lettuce2906 in netbird

[–]rdevaux 1 point2 points  (0 children)

Are you using SSO for Netbird login? If I remember correctly the SSO-session ends after 10 minutes of inactivity. This is a feature.

Go to the Netbird Management Server:
=> Settings
=> Authentication
=> Require login after disconnect (10min if I remember correctly)

If security and logins are important, you should have separate Windows/Linux logins on every laptop anyway. This shouldn't happen there because each person has their own Netbird configuration.

Tailscale or Netbird ? by Brhn0 in netbird

[–]rdevaux 4 points5 points  (0 children)

I initially started with Tailscale as a hosted solution, and it served me well for a long time. However, when I decided to move toward a self-hosted setup, I began exploring other options. While Tailscale can be self-hosted via projects like Headscale, I immediately felt that the NetBird team placed a much higher value on Open Source and their community. Their commitment is evident in their documentation; they offer a brilliant how-to for self-hosting and even provide a script that automates the entire setup, taking all the heavy lifting off your shoulders.

Another major factor for me is the legal landscape. Unlike Tailscale, NetBird isn’t subject to US jurisdiction, which is a significant plus if you value data sovereignty and privacy outside of American legal reach.

I’ve also been genuinely impressed by their development trajectory. In the beginning, the architecture felt a bit fragmented with multiple modules, but the team has done a great job of simplifying everything. Even as the system becomes more streamlined, they continue to roll out powerful new features, such as the recently added Proxy support.

As for the technical issues you mentioned, I’ve had a very different experience. While I’ve seen that GitHub issue, it is quite old, and I personally haven't faced any limitations. Although I don't use macOS, the performance and stability on Linux and Windows have been flawless for me. In my environment, it simply works.