wolfSSL is excited to announce the release of its new user-space VPN client. This client is written entirely in Rust, leveraging the language’s safety and performance characteristics. The implementation is based on the popular open-source boringtun project. Crucially, this new client incorporates FIPS-validated cryptography through the use of the wolfGuard protocol. This solution ensures a highly secure, reliable, and FIPS-compliant VPN connection. It is an ideal offering for organizations needing robust, next-generation VPN capabilities with stringent security requirements.

Try It Out!

These instructions show how to set up a demo VPN connection between two machines, running wolfGuard-boringtun from user-space on each side. The IP addresses, ports, and device names can all be changed as desired. This example will use a device name of wg50.

Install Dependencies

Ensure that the following dependencies are installed:

gcc
git
make
socat

If you do not already have a Rust development environment set up, first install Rust.

Build and Install wolfssl library

This should be done on each machine.

git clone https://github.com/wolfSSL/wolfssl
cd wolfssl
./autogen.sh
./configure --enable-all
make
make check
sudo make install
cd ..

Build wolfGuard wg-fips configuration utility and generate keys

This should be done on each machine. ``` git clone https://github.com/wolfSSL/wolfGuard cd wolfGuard/user-src make NO_IPC_LLCRYPTO=1 ./wg-fips genkey | tee private-key ./wg-fips pubkey . Download wolfSSL Now