As the title says, I want to know the most paranoid security measures you’ve implemented in your homelab. I can think of SDN solutions with firewalls covering every interface, ACLs, locked-down/hardened OSes etc but not much beyond that. I’m wondering how deep this paranoia can go (and maybe even go down my own route too!).

Thanks!

    • ErwinLottemann@feddit.de
      link
      fedilink
      English
      arrow-up
      6
      ·
      9 months ago

      that should not be the case because wireguard only ‘runs’ when it sends or receives packets. try setting the keepalive time a bit higher, 5 minutes maybe.